(RADIATOR) Username Translation Problems
Mike McCauley
mikem at open.com.au
Sun May 2 02:51:00 CDT 2004
Hi Keith,
On Sun, 2 May 2004 04:42 pm, Keith Dornbusch wrote:
> Does anyone know how to use Rewriteusername and only convert the realm
> portion to lowercase?
> Example:
> Before - JoE at XyZ.Com
> After - JoE at xyz.com
RewriteUsername s/(?<=@)(.*)$/lc($1)/e
>
> Also I am having to use an Auth GROUP to do Authentication fallover and
> I am experiencing a problem in that my AuthBy FILE user entry does not
> have a realm name but my AuthBy SQL and SQLRADIUS do. Because you can
> only do Uername rewrites at Realm and AuthBy Group Levels and not other
> AuthBy's I need to find a way to keep my fallover and still rewrite the
> username before AuthBy FILE and restore it immediately after AuthBy FILE
> and before AuthBy SQL.
> Any Clues?
Ill leave this for someone else.
>
> Here is the portion of code:
>
> <Realm xxxxx.xxx>
> .......
> .......
>
> <AuthBy GROUP>
> # Strip Realm Option on UserName
> RewriteUsername s/^([^@]+).*/$1/
> AuthByPolicy ContinueUntilAccept
> <AuthBy FILE>
> # Look up user details in a flat file
> Nocache
> # %D is replaced by DbDir above
> Filename users.file
> </AuthBy>
>
> <AuthBy SQL>
> # SQLRecoveryFile is Version 3.8 or higher
> SQLRecoveryFile %L/missedaccounting
> DBSource
> dbi:mysql:%{GlobalVar:MySQLDb}:%{GlobalVar:MySQLServer}:%{GlobalVar:MySQ
> LPort}
> DBUsername %{GlobalVar:MySQLUser}
> DBAuth %{GlobalVar:MySQLPassword}
> DateFormat '%b $d,%Y %H:%M:%S'
> HandleAcctStatusTypes Start
> AcctInsertQuery insert into %0(%1) values (%2)
> # AuthSelect
> AccountingTable selecnetaccounting
> AcctColumnDef User_Name,User-Name
> AcctColumnDef Start_Time,Timestamp
> AcctColumnDef Stop_Time,Timestamp
> AcctColumnDef State,State
> AcctColumnDef Password,Password
> AcctColumnDef Expiration,Expiration
> AcctColumnDef Service_Type,Service-Type
> AcctColumnDef Framed_Protocol,Framed-Protocol
> AcctColumnDef
> Ascend_Assign_IP_Pool,Ascend-Assign-IP-Pool
> AcctColumnDef
> Ascend_Idle_Limit,Ascend-Idle-Limit
> AcctColumnDef
> Ascend_Maximum_Channels,Ascend-Maximum-Channels
> AcctColumnDef
> Ascend_Minimum_Channels,Ascend-Minimum-Channels
> AcctColumnDef
> Framed_IP_Address,Framed-IP-Address
> AcctColumnDef
> Framed_IP_Netmask,Framed-IP-Netmask
> AcctColumnDef NAS_IP_Address,NAS-IP-Address
> AcctColumnDef NAS_Port,NAS-Port
> AcctColumnDef NAS_Port_Type,NAS-Port-Type
> AcctColumnDef Acct_Status_Type,Acct-Status-Type
> AcctColumnDef Acct_Delay_Time,Acct-Delay-Time
> AcctColumnDef Acct_Session_Id,Acct-Session-Id
> AcctColumnDef Acct_Authentic,Acct-Authentic
> AcctColumnDef
> Acct_Session_Time,Acct-Session-Time
> AcctColumnDef
> Acct_Input_Octets,Acct-Input-Octets
> AcctColumnDef
> Acct_Output_Octets,Acct-Output-Octets
> AcctColumnDef
> Acct_Input_Packets,Acct-Input-Packets
> AcctColumnDef
> Acct_Output_Packets,Acct-Output-Packets
> AcctColumnDef
> Ascend_Disconnect_Cause,Ascend-Disconnect-Cause
> AcctColumnDef
> Ascend_Connect_Progress,Ascend-Connect-Progress
> AcctColumnDef Ascend_Xmit_Rate,Ascend-Xmit-Rate
> AcctColumnDef Ascend_Data_Rate,Ascend-Data-Rate
> AcctColumnDef
> Ascend_PreSession_Time,Ascend-PreSession-Time
> AcctColumnDef
> Ascend_Pre_Input_Octets,Ascend-Pre-Input-Octets
> AcctColumnDef
> Ascend_Pre_Output_Octets,Ascend-Pre-Output-Octets
> AcctColumnDef
> Ascend_Pre_Input_Packets,Ascend-Pre-Input-Packets
> AcctColumnDef
> Ascend_Pre_Output_Packets,Ascend-Pre-Output-Packets
> AcctColumnDef
> Ascend_First_Dest,Ascend-First-Dest
> AcctColumnDef
> Ascend_Multilink_ID,Ascend-Multilink-ID
> AcctColumnDef
> Ascend_Num_In_Multilink,Ascend-Num-In-Multilink
> AcctColumnDef Acct_Link_Count,Acct-Link-Count
> AcctColumnDef
> Acct_Multi_Session_Id,Acct-Multi-Session-Id
> AcctColumnDef
> Ascend_Modem_PortNo,Ascend-Modem-PortNo
> AcctColumnDef
> Ascend_Modem_SlotNo,Ascend-Modem-SlotNo
> AcctColumnDef
> Calling_Station_Id,Calling-Station-Id
> AcctColumnDef
> Called_Station_Id,Called-Station-Id
> AcctColumnDef CHAP_Password,CHAP-Password
> AcctColumnDef Connect_Info,Connect-Info
> AcctColumnDef
> Ascend_Handle_IPX,Ascend-Handle-IPX
> AcctColumnDef NAS_Identifier,NAS-Identifier
> AcctColumnDef CHAP_Challenge,CHAP-Challenge
> AcctColumnDef
> Ascend_Netware_timeout,Ascend-Netware-timeout
> AcctColumnDef Proxy_State,Proxy-State
> AcctColumnDef Class,Class
> AcctColumnDef
> Framed_Compression,Framed-Compression
> AcctColumnDef Port_Limit,Port-Limit
> AcctColumnDef
> Acct_Terminate_Cause,Acct-Terminate-Cause
> AcctColumnDef
> CVX_SS7_Session_ID_Type,CVX-SS7-Session-ID-Type
> AcctColumnDef
> CVX_Terminate_Cause,CVX-Terminate-Cause
> AcctColumnDef Login_IP_Host,Login-IP-Host
> AcctColumnDef User_Password,User-Password
> AcctColumnDef Framed_Routing,Framed-Routing
> AcctColumnDef Filter_Id,Filter-Id
> AcctColumnDef Framed_MTU,Framed-MTU
> AcctColumnDef Login_Service,Login-Service
> AcctColumnDef Login_TCP_Port,Login-TCP-Port
> AcctColumnDef Framed_Route,Framed-Route
> AcctColumnDef
> Framed_IPX_Network,Framed-IPX-Network
> AcctColumnDef
> Termination_Action,Termination-Action
> AcctColumnDef Vendor_specific,Vendor-specific
> AcctColumnDef
> Acct_Input_Gigawords,Acct-Input-Gigawords
> AcctColumnDef
> Acct_Output_Gigawords,Acct-Output-Gigawords
> AcctColumnDef Old_Password,Old-Password
> AcctColumnDef Reply_Message,Reply-Message
> AcctColumnDef Callback_Number,Callback-Number
> AcctColumnDef Callback_ID,Callback-ID
> AcctColumnDef User_Realm,User-Realm
> AcctColumnDef
> CVX_Identification,CVX-Identification
> AcctColumnDef
> Ascend_Source_Auth,Ascend-Source-Auth
> AcctColumnDef
> Session_Authentic,Session-Authentic
> AcctColumnDef Event_Timestamp,Event-Timestamp
> AcctColumnDef
> cvx_ppp_inactivity_limit,CVX-PPP-Inactivity-Limit
> AcctColumnDef GRIC_Timestamp,GRIC-Timestamp
> AcctColumnDef
> Ascend_Modem_ShelfNo,Ascend-Modem-ShelfNo
> AcctColumnDef
> Ascend_Owner_IP_Addr,Ascend-Owner-IP-Addr
> AcctColumnDef
> Tunnel_Client_Endpoint,Tunnel-Client-Endpoint
> AcctColumnDef
> Tunnel_Server_Endpoint,Tunnel-Server-Endpoint
> AcctColumnDef Idle_Timeout,Idle-Timeout
> AcctColumnDef Tunnel_Type,Tunnel-Type
> AcctColumnDef Class_1,Class-1
> AcctColumnDef Tunnel_ID,Tunnel-ID
> AcctColumnDef Ascend_FR_Direct,Ascend-FR-Direct
> AcctColumnDef CVX_VPOP_ID,CVX-VPOP-ID
> AcctColumnDef
> CVX_Terminate_Component,CVX-Terminate-Component
> AcctColumnDef Timestamp,Timestamp
> DefaultSimultaneousUse 2
> RejectEmptyPassword
> </AuthBy>
> <AuthBy SQL>
> # SQLRecoveryFile is Version 3.8 or higher
> SQLRecoveryFile %L/missedaccounting
> DBSource
> dbi:mysql:%{GlobalVar:MySQLDb}:%{GlobalVar:MySQLServer}:%{GlobalVar:MySQ
> LPort}
> DBUsername %{GlobalVar:MySQLUser}
> DBAuth %{GlobalVar:MySQLPassword}
> DateFormat '%b $d,%Y %H:%M:%S'
> HandleAcctStatusTypes Stop
> AcctInsertQuery update %0 set Acct_Status_Type =
> '%{Acct-Status-Type}', \
> Acct_Delay_Time = '%{Acct-Delay-Time}',
> Acct_Input_Octets = '%{Acct-Input-Octets}', \
> Acct_Output_Octets = '%{Acct-Output-Octets}',
> Acct_Authentic = '%{Acct-Authentic}', \
> Acct_Session_Time = '%{Acct-Session-Time}',
> Stop_Time = '%{Timestamp}', \
> Acct_Input_Packets = '%{Acct-Input-Packets}',
> Acct_Output_Packets = '%{Acct-Output-Packets}', \
> Acct_Terminate_Cause =
> '%{Acct-Terminate-Cause}', \
> Ascend_Pre_Input_Octets =
> '%{Ascend-Pre-Input-Octets}', \
> Ascend_Pre_Output_Octets =
> '%{Ascend-Pre-Output-Octets}', Ascend_Pre_Input_Packets =
> '%{Ascend-Pre-Input-Packets}', \
> Ascend_Pre_Output_Packets =
> '%{Ascend-Pre-Output-Packets}', Ascend_Disconnect_Cause =
> '%{Ascend-Disconnect-Cause}', \
> Ascend_Connect_Progress =
> '%{Ascend-Connect-Progress}', Ascend_Data_Rate = '%{Ascend-Data-Rate}',
> \
> Ascend_PreSession_Time =
> '%{Ascend-PreSession-Time}', Ascend_Xmit_Rate = '%{Ascend-Xmit-Rate}' \
> where Acct_Session_Id = '%{Acct-Session-Id}'
> # AcctInserQuery update %0 set nas_ip_address =
> '%{NAS-IP-Address}' where acct_session_id = '%{Acct-Session-Id}'
> AuthSelect
> AccountingTable selecnetaccounting
> AcctColumnDef User_Name,User-Name
> AcctColumnDef Start_Time,Timestamp
> AcctColumnDef Stop_Time,Timestamp
> AcctColumnDef State,State
> AcctColumnDef Password,Password
> AcctColumnDef Expiration,Expiration
> AcctColumnDef Service_Type,Service-Type
> AcctColumnDef Framed_Protocol,Framed-Protocol
> AcctColumnDef
> Ascend_Assign_IP_Pool,Ascend-Assign-IP-Pool
> AcctColumnDef
> Ascend_Idle_Limit,Ascend-Idle-Limit
> AcctColumnDef
> Ascend_Maximum_Channels,Ascend-Maximum-Channels
> AcctColumnDef
> Ascend_Minimum_Channels,Ascend-Minimum-Channels
> AcctColumnDef
> Framed_IP_Address,Framed-IP-Address
> AcctColumnDef
> Framed_IP_Netmask,Framed-IP-Netmask
> AcctColumnDef NAS_IP_Address,NAS-IP-Address
> AcctColumnDef NAS_Port,NAS-Port
> AcctColumnDef NAS_Port_Type,NAS-Port-Type
> AcctColumnDef Acct_Status_Type,Acct-Status-Type
> AcctColumnDef Acct_Delay_Time,Acct-Delay-Time
> AcctColumnDef Acct_Session_Id,Acct-Session-Id
> AcctColumnDef Acct_Authentic,Acct-Authentic
> AcctColumnDef
> Acct_Session_Time,Acct-Session-Time
> AcctColumnDef
> Acct_Input_Octets,Acct-Input-Octets
> AcctColumnDef
> Acct_Output_Octets,Acct-Output-Octets
> AcctColumnDef
> Acct_Input_Packets,Acct-Input-Packets
> AcctColumnDef
> Acct_Output_Packets,Acct-Output-Packets
> AcctColumnDef
> Ascend_Disconnect_Cause,Ascend-Disconnect-Cause
> AcctColumnDef
> Ascend_Connect_Progress,Ascend-Connect-Progress
> AcctColumnDef Ascend_Xmit_Rate,Ascend-Xmit-Rate
> AcctColumnDef Ascend_Data_Rate,Ascend-Data-Rate
> AcctColumnDef
> Ascend_PreSession_Time,Ascend-PreSession-Time
> AcctColumnDef
> Ascend_Pre_Input_Octets,Ascend-Pre-Input-Octets
> AcctColumnDef
> Ascend_Pre_Output_Octets,Ascend-Pre-Output-Octets
> AcctColumnDef
> Ascend_Pre_Input_Packets,Ascend-Pre-Input-Packets
> AcctColumnDef
> Ascend_Pre_Output_Packets,Ascend-Pre-Output-Packets
> AcctColumnDef
> Ascend_First_Dest,Ascend-First-Dest
> AcctColumnDef
> Ascend_Multilink_ID,Ascend-Multilink-ID
> AcctColumnDef
> Ascend_Num_In_Multilink,Ascend-Num-In-Multilink
> AcctColumnDef Acct_Link_Count,Acct-Link-Count
> AcctColumnDef
> Acct_Multi_Session_Id,Acct-Multi-Session-Id
> AcctColumnDef
> Ascend_Modem_PortNo,Ascend-Modem-PortNo
> AcctColumnDef
> Ascend_Modem_SlotNo,Ascend-Modem-SlotNo
> AcctColumnDef
> Calling_Station_Id,Calling-Station-Id
> AcctColumnDef
> Called_Station_Id,Called-Station-Id
> AcctColumnDef CHAP_Password,CHAP-Password
> AcctColumnDef Connect_Info,Connect-Info
> AcctColumnDef
> Ascend_Handle_IPX,Ascend-Handle-IPX
> AcctColumnDef NAS_Identifier,NAS-Identifier
> AcctColumnDef CHAP_Challenge,CHAP-Challenge
> AcctColumnDef
> Ascend_Netware_timeout,Ascend-Netware-timeout
> AcctColumnDef Proxy_State,Proxy-State
> AcctColumnDef Class,Class
> AcctColumnDef
> Framed_Compression,Framed-Compression
> AcctColumnDef Port_Limit,Port-Limit
> AcctColumnDef
> Acct_Terminate_Cause,Acct-Terminate-Cause
> AcctColumnDef
> CVX_SS7_Session_ID_Type,CVX-SS7-Session-ID-Type
> AcctColumnDef
> CVX_Terminate_Cause,CVX-Terminate-Cause
> AcctColumnDef Login_IP_Host,Login-IP-Host
> AcctColumnDef User_Password,User-Password
> AcctColumnDef Framed_Routing,Framed-Routing
> AcctColumnDef Filter_Id,Filter-Id
> AcctColumnDef Framed_MTU,Framed-MTU
> AcctColumnDef Login_Service,Login-Service
> AcctColumnDef Login_TCP_Port,Login-TCP-Port
> AcctColumnDef Framed_Route,Framed-Route
> AcctColumnDef
> Framed_IPX_Network,Framed-IPX-Network
> AcctColumnDef
> Termination_Action,Termination-Action
> AcctColumnDef Vendor_specific,Vendor-specific
> AcctColumnDef
> Acct_Input_Gigawords,Acct-Input-Gigawords
> AcctColumnDef
> Acct_Output_Gigawords,Acct-Output-Gigawords
> AcctColumnDef Old_Password,Old-Password
> AcctColumnDef Reply_Message,Reply-Message
> AcctColumnDef Callback_Number,Callback-Number
> AcctColumnDef Callback_ID,Callback-ID
> AcctColumnDef User_Realm,User-Realm
> AcctColumnDef
> CVX_Identification,CVX-Identification
> AcctColumnDef
> Ascend_Source_Auth,Ascend-Source-Auth
> AcctColumnDef
> Session_Authentic,Session-Authentic
> AcctColumnDef Event_Timestamp,Event-Timestamp
> AcctColumnDef
> cvx_ppp_inactivity_limit,CVX-PPP-Inactivity-Limit
> AcctColumnDef GRIC_Timestamp,GRIC-Timestamp
> AcctColumnDef
> Ascend_Modem_ShelfNo,Ascend-Modem-ShelfNo
> AcctColumnDef
> Ascend_Owner_IP_Addr,Ascend-Owner-IP-Addr
> AcctColumnDef
> Tunnel_Client_Endpoint,Tunnel-Client-Endpoint
> AcctColumnDef
> Tunnel_Server_Endpoint,Tunnel-Server-Endpoint
> AcctColumnDef Idle_Timeout,Idle-Timeout
> AcctColumnDef Tunnel_Type,Tunnel-Type
> AcctColumnDef Class_1,Class-1
> AcctColumnDef Tunnel_ID,Tunnel-ID
> AcctColumnDef Ascend_FR_Direct,Ascend-FR-Direct
> AcctColumnDef CVX_VPOP_ID,CVX-VPOP-ID
> AcctColumnDef
> CVX_Terminate_Component,CVX-Terminate-Component
> AcctColumnDef Timestamp,Timestamp
> DefaultSimultaneousUse 2
> RejectEmptyPassword
> </AuthBy>
>
>
> <AuthBy SQLRADIUS>
> # For downstream (PROXY) Radius use
> # This uses the users realm to look up the target
> # radius server in an SQL database
> DBSource
> dbi:mysql:%{GlobalVar:MySQLDb}:%{GlobalVar:MySQLServer}:%{GlobalVar:MySQ
> LPort}
> DBUsername %{GlobalVar:MySQLUser}
> DBAuth %{GlobalVar:MySQLPassword}
> # NumHosts 2
> HostSelect select HOST%0, SECRET, AUTHPORT,
> ACCTPORT, RETRIES, RETRYTIMEOUT, \
> USEOLDASCENDPASSWORDS,
> SERVERHASBROKENPORTNUMBERS, SERVERHASBROKENADDRESSES, \
> IGNOREREPLYSIGNATURE, FAILUREPOLICY, OUTPORT,
> FAILUREBACKOFFTIME, STRIPFROMREQUEST, ADDTOREQUEST from RADSQLRADIUS \
> where TARGETNAME='%R'
> HostColumnDef 0,TARGETNAME
> HostColumnDef 1,HOST1
> HostColumnDef 2,HOST2
> HostColumnDef 3,SECRET
> HostColumnDef 4,AUTHPORT
> HostColumnDef 5.ACCTPORT
> HostColumnDef 6,RETRIES
> HostColumnDef 7,RETRYTIMEOUT
> HostColumnDef 8,USEOLDASCENDPASSWORDS
> HostColumnDef 9,SERVERHASBROKENPORTNUMBERS
> HostColumnDef 10,SERVERHASBROKENADDRESSES
> HostColumnDef 11,IGNOREREPLYSIGNATURE
> HostColumnDef 12,FAILUREPOLICY
> HostColumnDef 13,OUTPORT
> HostColumnDef 14,FAILUREBACKOFFTIME
> HostColumnDef 15,STRIPFROMREQUEST
> HostColumnDef 16,ADDTOREQUEST
> </AuthBy>
> </AuthBy GROUP>
> </Realm>
>
>
> Keith A. Dornbusch / CTO
> U.S. Choice, Inc.
>
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
--
Mike McCauley mikem at open.com.au
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia http://www.open.com.au
Phone +61 7 5598-7474 Fax +61 7 5598-7070
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP etc on Unix, Windows, MacOS etc.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list