(RADIATOR) AuthLDAP

Ingvar Berg (LI/EAB) ingvar.berg at ericsson.com
Thu Jun 3 01:55:12 CDT 2004


Hi Riza,

Maybe you can put that information into the class attribute when the user is authenticated, and then use it in your hook code at accounting stop processing?

/Ingvar

>  -----Original Message-----
> From: 	owner-radiator at open.com.au 
> [mailto:owner-radiator at open.com.au]  On Behalf Of Riza Kamalie
> Sent:	den 2 juni 2004 17:17
> To:	radiator at open.com.au
> Subject:	(RADIATOR) AuthLDAP
> Importance:	High
> 
> Hi, 
> 
> We currently use a separate handler to deal with accounting 
> stop records and I am having a problem with reading in LDAP 
> attributes into a 
> 
> custom auth module <AuthXXXX>, I believe have defined the 
> attributes in the auth module correctly that are used in the 
> config file namely <PrepaidValue>
> 
> below is the handler for the stop record and snippet of the 
> test code. 
> 
> I would like to manipulate a stop record attribute based on 
> what I find in LDAP for a user. 
> 
> Please assist, 
> 
> --------------------------------------------------------------
> --------------------------------------------------------------
> --------------------------------------------------------------------
> 
> <Handler Acct-Status-Type = "Stop"> 
> 
>         # Convert Upper to lower case 
>         # Removes all spaces 
>         # Rewrites only username for username with forward/backslash 
> 
> 
>         RewriteUsername      tr/A-Z/a-z/ 
>         RewriteUsername      s/\s+//g 
> 
>         AuthByPolicy ContinueWhileAccept 
> 
>        <AuthBy LDAP2> 
>                 Host            eldap.worldonline.co.za 
>                 HoldServerConnection 
>                 NoDefaultIfFound 
>                 NoDefault 
> 
>                 # if ldap search fails backoff for 30 seconds 
>                 FailureBackoffTime 30 
> 
>                 # Added so that Radiator does not have to 
> bind on every reqeust 
>                 # NoBindBeforeOp 
> 
>                 AuthDN uid=xxxx,ou=xxxx,o=WOL,c=xxx 
>                 AuthPassword unlink 
> 
>                 BaseDN ou=xxx,ou=users,o=xxx,c=xxx 
> 
>                 UsernameAttr    uid 
>                 AuthAttrDef radiusauthentication,LDAP_test,reply 
>                 AuthAttrDef radiusprepaidvalue,testing,reply 
> 
>         </AuthBy> 
>         <AuthBy XXXXX> 
>                 PrepaidValue   %{testing} 
>         </AuthBy XXXXX> 
> 
> --------------------------------------------------------------
> ---------------------------------- 
> 
> AuthXXXXX <snippet> 
>    elsif ($p->code eq 'Accounting-Request') 
>     { 
> 
>         print "\n\nacccccccccccounting\n\n"; 
> 
> if ($p->getAttrByNum($Radius::Radius::ACCT_STATUS_TYPE) eq 'Stop') 
> { 
>         my @a; 
>         my $old_item; 
>         my $test; 
> 
>         @a=$p->get_attr('LDAP_test'); 
>         $old_item=$p->get_attr('RadiusAuthentication'); 
>         $test=$p->get_attr('testing'); 
> 
>         print "LDAP: @a\n"; 
>         print "In request: $old_item\n"; 
>         print "Prep: $test\n"; 
> 
> } 
>         $self->log($main::LOG_DEBUG, 
> "Radius::AuthWOLPrepaidAccounting ACCEPT:"); 
>         return ($main::ACCEPT); 
> 
> ================================================================ 
> 
> 
> Radiator foreground output 
> 
> /usr/bin/perl /usr/bin/radiusd -config_file 
> ./radius-tiscali.cfg -foreground 
> 
> 
> cccccccccccounting 
> 
> LDAP: <EMPTY> 
> In request: analogue 
> Prep: <EMPTY> 
> 
> 
> 
> 
> 
> Riza Kamalie 
> Engineering: Specialist: Authentication 
> 
> TISCALI (PTY) LTD 
> INTERNET WITH A PASSION. 
> 
> 082 Alexander Road, Bellville 
> Mobile : +27 82 520 1129 
> Office :  021 940 9954 
> Fax :    +27 21 940 9103 
> E-Mail : Riza.Kamalie at za.tiscali.com 
> <http://www.tiscali.co.za> 
> 
> Disclaimer: This email is considered a business record and is 
> therefore property of Tiscali. This email, and any files 
> transmitted with it are confidential and are intended solely 
> for the use of the individual or entity to whom they are 
> addressed. This communication represents the originator's 
> personal views and opinions, which do not necessarily reflect 
> those of Tiscali. If you are not the original recipient or 
> the person responsible for delivering the email to the 
> intended recipient, be advised that you have this email in 
> error, and that any use, dissemination, forwarding, printing, 
> or copying of this email is strictly prohibited. If you 
> received this email in error, please immediately notify 
> disclaimer at za.tiscali.com.
> 

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list