(RADIATOR) CachePasswords not available in AuthBy ROUNDROBIN
Hugh Irvine
hugh at open.com.au
Thu Oct 2 18:42:23 CDT 2003
Hello Robert -
On your first point, the behaviour of CachePasswords was extended some
time ago to support the mode of operation that you are describing -
hence the change in the manual.
For your second point, it is usually easier to set up your Handlers
with specific matches for everything you want to deal with and finish
with a default Handler that simply rejects everything else.
Ie:
<Handler ....>
.....
</Handler>
<Handler ....>
.....
</Handler>
.....
<Handler>
<AuthBy INTERNAL>
DefaultResult REJECT
</AuthBy>
</Handler>
regards
Hugh
On Friday, Oct 3, 2003, at 06:19 Australia/Melbourne, Robert Blayzor
wrote:
> On 10/2/03 1:01 PM, "Robert Blayzor" <noc at inoc.net> wrote:
>
>> I have a Radiator farm setup which I'm trying to AuthBy ROUNDROBIN
>> to... It
>> doesn't appear that CachePasswords works for this AuthBy. Looking at
>> my
>> trace, auths are always sent to the clients and never lookedup in the
>> cache
>> even though I've authed several times..
>
> I got this one figured out. Helps to consult the manual first, mine
> was a
> little out of date on print. Anyway, changing the default handling of
> this
> was the fix.
>
> I do have one question for Hugh however.
>
> How can one completely drop or reject any request coming in at the
> client
> level based on attributes received (or NOT received for that matter).
>
> For example, say I want to ignore or drop any accounting requests from
> a
> client with the "User-Name" attribute missing, or empty string. I see
> this
> problem a lot on Ascent maxes.
>
> --
> Robert Blayzor, BOFH
> INOC, LLC
> rblayzor at inoc.net
> PGP: http://www.inoc.net/~dev/
> Key fingerprint = A445 7D1E 3D4F A4EF 6875 21BB 1BAA 10FE 5748 CFE9
>
> A Life? Cool! Where can I download one of those from?
>
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list