(RADIATOR) Needs expet's opinion

Hugh Irvine hugh at open.com.au
Sun Aug 8 19:07:51 CDT 2004


Hello MJ -

You can add a STATUS column to the database and check it in the 
AuthSelect:

	AuthSelect select ....... from SUBSCRIBERS \
		where USERNAME = %0 \
		and STATUS = 1

You would then set the STATUS column to 1 for active and anything else 
for inactive.

regards

Hugh


On 9 Aug 2004, at 00:35, MJ wrote:

> Hi,
> I found all my requirements in the manual and FAQs accept one thing, 
> some
> times we need to inactivate some user, we want radius not to 
> authenticate
> such inactive users. Do we need to add any column in the subscribers 
> table?
> and how we can define this in the cfg file.
>
> Thanks,
> MJ
> ----- Original Message -----
> From: "MJ" <php at cyberia.net.sa>
> To: <scottxiao at antlabs.com>
> Cc: <radiator at open.com.au>
> Sent: Saturday, August 07, 2004 1:31 PM
> Subject: Re: (RADIATOR) Needs expet's opinion
>
>
>> Scott,
>> Thanks for your suggestion. prepaid.cfg has the option to verify 
>> TIMELEFT
>> not the expiry date, our prepaid customers have restriction to 
>> activate
> and
>> utilize their hours before an expiry date, therefor if a customer with
> valid
>> username and password has enough credits but his card is expired he 
>> should
>> not be able to login. Let me again summarize my requirements for 
>> prepaid
>> customers.
>>
>> A customer should only be get authenticated if he meets all four 
>> criteria
>>
>> 1- Customer must supply correct username and password
>> 2- Customer should have greater than 0 TIMELEFT
>> 3- Customer card is not expired
>> 4- Customer has ACTIVE status, means he is not manually INACTIVE due 
>> to
> some
>> reason.
>>
>> Please advise.
>> MJ
>> ----- Original Message -----
>> From: "Scott Xiao - ANTlabs" <scottxiao at antlabs.com>
>> To: "MJ" <php at cyberia.net.sa>
>> Cc: <radiator at open.com.au>
>> Sent: Saturday, August 07, 2004 12:52 PM
>> Subject: RE: (RADIATOR) Needs expet's opinion
>>
>>
>>> Hi,MJ,
>>> The one you mentioned could be done through prepaid config,go to 
>>> goodies
>> and
>>> see the prepaid config samle.it may help you.
>>> Scott
>>>
>>> -----Original Message-----
>>> From: owner-radiator at open.com.au 
>>> [mailto:owner-radiator at open.com.au]On
>>> Behalf Of MJ
>>> Sent: Saturday, August 07, 2004 5:00 PM
>>> To: Hugh Irvine
>>> Cc: radiator at open.com.au
>>> Subject: Re: (RADIATOR) Needs expet's opinion
>>>
>>>
>>> High Hugh,
>>> The objective is that radiator checks that the requested user is 
>>> valid
> or
>>> expired even he has entered correct username and password. The user 
>>> will
>> not
>>> enter the expiry date but the radiator should verify it from the
> database,
>>> is it possible?
>>>
>>> Thanks,
>>> MJ
>>> ----- Original Message -----
>>> From: "Hugh Irvine" <hugh at open.com.au>
>>> To: "MJ" <php at cyberia.net.sa>
>>> Cc: <radiator at open.com.au>
>>> Sent: Wednesday, August 04, 2004 11:26 AM
>>> Subject: Re: (RADIATOR) Needs expet's opinion
>>>
>>>
>>>>
>>>> Hello MJ -
>>>>
>>>> You would do something like this:
>>>>
>>>> # Modification start
>>>>          AuthSelect select password, expiration, replyattr from
>>>> subscribers \
>>>>          where username=%0
>>>>          AuthColumnDef 0, User-Password, check
>>>>          AuthColumnDef 1, Expiration, check
>>>>          AuthColumnDef 2, GENERIC, reply
>>>> # Modification End
>>>>
>>>> See section 13.1.4 in the Radiator 3.9 reference manual
>>>> ("doc/ref.html") and the examples in the "goodies" directory.
>>>>
>>>> regards
>>>>
>>>> Hugh
>>>>
>>>>
>>>>
>>>> On 3 Aug 2004, at 20:55, MJ wrote:
>>>>
>>>>> Hugh,
>>>>> I need Radiator to check expiry date also along with password 
>>>>> during
>>>>> authentication, how we can achieve this task.
>>>>>
>>>>> Thanks,
>>>>> MJ
>>>>> ----- Original Message -----
>>>>> From: "Hugh Irvine" <hugh at open.com.au>
>>>>> To: "MJ" <php at cyberia.net.sa>
>>>>> Cc: <radiator at open.com.au>
>>>>> Sent: Tuesday, August 03, 2004 3:32 AM
>>>>> Subject: Re: (RADIATOR) Needs expet's opinion
>>>>>
>>>>>
>>>>>
>>>>> Hello MJ -
>>>>>
>>>>> Your configuration file looks fine.
>>>>>
>>>>> regards
>>>>>
>>>>> Hugh
>>>>>
>>>>>
>>>>> On 2 Aug 2004, at 18:12, MJ wrote:
>>>>>
>>>>>> Hi,
>>>>>> We are about to buy Radiator and put it in production, I have
> tested
>>>>>> the functionality with following cfg file and it seems that it is
>>>>>> working fine but I want to have an expert's opinion on the config
>>>>>> before I put it in the production, basically it is a slightly
>> modified
>>>>>> version of goodies/sql.cfg. At the moment our objective is
>>>>>> authenticate the user from Oracle database running on remote
> server,
>>>>>> send some cisco-avpair as reply attribute and generate CDRs in the
>>>>>> same Oracle database.
>>>>>>
>>>>>> sql.cfg is attached with this message, sample record from
> subscribers
>>>>>> table is as follows
>>>>>>
>>>>>> USERNAME: poolb at 64.cyberia.net.sa
>>>>>> PASSWORD: 1234
>>>>>> REPLYATTR: cisco-avpair="ip:addr-pool=cyberia" ,
>>>>>> cisco-avpair="lcp:interface-config#1=rate-limit output 512000 7500
>>>>>> 7500 conform-action continue exceed-action drop",
>>>>>>
>>>>>>
>>>>>> Please suggest if we are missing some thing, or if it can be
>> improved.
>>>>>>
>>>>>> Thanks,
>>>>>> MJ
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> <sql.cfg>
>>>>>
>>>>> NB: have you included a copy of your configuration file (no
> secrets),
>>>>> together with a trace 4 debug showing what is happening?
>>>>>
>>>>> --
>>>>> Radiator: the most portable, flexible and configurable RADIUS 
>>>>> server
>>>>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>>>>> -
>>>>> Nets: internetwork inventory and management - graphical, 
>>>>> extensible,
>>>>> flexible with hardware, software, platform and database
> independence.
>>>>> -
>>>>> CATool: Private Certificate Authority for Unix and Unix-like
> systems.
>>>>>
>>>>> --
>>>>> Archive at http://www.open.com.au/archives/radiator/
>>>>> Announcements on radiator-announce at open.com.au
>>>>> To unsubscribe, email 'majordomo at open.com.au' with
>>>>> 'unsubscribe radiator' in the body of the message.
>>>>>
>>>>>
>>>>
>>>> NB: have you included a copy of your configuration file (no 
>>>> secrets),
>>>> together with a trace 4 debug showing what is happening?
>>>>
>>>> --
>>>> Radiator: the most portable, flexible and configurable RADIUS server
>>>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>>>> -
>>>> Nets: internetwork inventory and management - graphical, extensible,
>>>> flexible with hardware, software, platform and database 
>>>> independence.
>>>> -
>>>> CATool: Private Certificate Authority for Unix and Unix-like 
>>>> systems.
>>>>
>>>>
>>>
>>>
>>> --
>>> Archive at http://www.open.com.au/archives/radiator/
>>> Announcements on radiator-announce at open.com.au
>>> To unsubscribe, email 'majordomo at open.com.au' with
>>> 'unsubscribe radiator' in the body of the message.
>>>
>>>
>>>
>>
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list