(RADIATOR) AuthLDAP

Riza Kamalie riza at worldonline.co.za
Wed Jun 2 10:17:30 CDT 2004


Hi, 

We currently use a separate handler to deal with accounting stop records
and I am having a problem with reading in LDAP attributes into a 
custom auth module <AuthXXXX>, I believe have defined the attributes in
the auth module correctly that are used in the config file namely
<PrepaidValue>

below is the handler for the stop record and snippet of the test code. 

I would like to manipulate a stop record attribute based on what I find
in LDAP for a user.

Please assist,

------------------------------------------------------------------------
------------------------------------------------------------------------
------------------------------------------------
<Handler Acct-Status-Type = "Stop">

        # Convert Upper to lower case
        # Removes all spaces
        # Rewrites only username for username with forward/backslash


        RewriteUsername      tr/A-Z/a-z/
        RewriteUsername      s/\s+//g

        AuthByPolicy ContinueWhileAccept

       <AuthBy LDAP2>
                Host            eldap.worldonline.co.za
                HoldServerConnection
                NoDefaultIfFound
                NoDefault

                # if ldap search fails backoff for 30 seconds
                FailureBackoffTime 30

                # Added so that Radiator does not have to bind on every
reqeust
                # NoBindBeforeOp

                AuthDN uid=xxxx,ou=xxxx,o=WOL,c=xxx
                AuthPassword unlink

                BaseDN ou=xxx,ou=users,o=xxx,c=xxx

                UsernameAttr    uid
                AuthAttrDef radiusauthentication,LDAP_test,reply
                AuthAttrDef radiusprepaidvalue,testing,reply

        </AuthBy> 
        <AuthBy XXXXX>
                PrepaidValue   %{testing}
        </AuthBy XXXXX>

------------------------------------------------------------------------
------------------------

AuthXXXXX <snippet>
   elsif ($p->code eq 'Accounting-Request')
    {

        print "\n\nacccccccccccounting\n\n";

if ($p->getAttrByNum($Radius::Radius::ACCT_STATUS_TYPE) eq 'Stop')
{
        my @a;
        my $old_item;
        my $test;

        @a=$p->get_attr('LDAP_test');
        $old_item=$p->get_attr('RadiusAuthentication');
        $test=$p->get_attr('testing');

        print "LDAP: @a\n";
        print "In request: $old_item\n";
        print "Prep: $test\n";

}
        $self->log($main::LOG_DEBUG, "Radius::AuthWOLPrepaidAccounting
ACCEPT:");
        return ($main::ACCEPT);

================================================================


Radiator foreground output

/usr/bin/perl /usr/bin/radiusd -config_file ./radius-tiscali.cfg
-foreground


cccccccccccounting

LDAP: <EMPTY>
In request: analogue
Prep: <EMPTY>





Riza Kamalie
Engineering: Specialist: Authentication

TISCALI (PTY) LTD
INTERNET WITH A PASSION.

082 Alexander Road, Bellville 
Mobile : +27 82 520 1129
Office :  021 940 9954
Fax :    +27 21 940 9103
E-Mail : Riza.Kamalie at za.tiscali.com
http://www.tiscali.co.za

Disclaimer: This email is considered a business record and is therefore
property of Tiscali. This email, and any files transmitted with it are
confidential and are intended solely for the use of the individual or
entity to whom they are addressed. This communication represents the
originator's personal views and opinions, which do not necessarily
reflect those of Tiscali. If you are not the original recipient or the
person responsible for delivering the email to the intended recipient,
be advised that you have this email in error, and that any use,
dissemination, forwarding, printing, or copying of this email is
strictly prohibited. If you received this email in error, please
immediately notify disclaimer at za.tiscali.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20040602/dd478a19/attachment.html>


More information about the radiator mailing list