(RADIATOR) Failure reason accessibility
Jeremy Hinton
jgh at visi.net
Wed Oct 22 14:23:31 CDT 2003
Is there any way inside a <Handler> clause to access the reason for the
current requests failing, as it is accessible via %1 in an <AuthLog>
clause? I would like to be able to pass back the actual failure reason to
the client instead of the cryptic Reply-Message="Request
Denied". Something along the lines of the following, where %x is the var
for the failure reason:
<Handler>
SessionDatabase SDB_SQL
AuthBy Auth_SQL
StripFromReply Reply-Message
AddToReply Reply-Message=%x
</Handler>
The reason for this is we are migrating to using an AuthBy RADIUS setup,
where one server proxies to another. Unfortunately, on the proxy/ front end
server, the %1/Reason in an AuthLog SQL clause is always set to "Proxy" on
all login failures, instead of the normally descriptive failure reason. I
realize this is because the proxy server has no way of knowing what the
failure reason is from the server its passing the request to. Hence, my
need to have the back-end server insert the failure text into the reply
packet. Then i can structure the AuthLog SQL insert statement on my front
end server to log '%{Reply:Reply-Message}' instead of %1 for the failure
reason. Does this make sense?
- jeremy
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list