(RADIATOR) Question about var differences between inner and outer authentications.

Mike McCauley mikem at open.com.au
Mon Oct 11 23:43:11 CDT 2004 

Hello Terry,


On Tuesday 12 October 2004 14:25, Terry Simons wrote:
> Hi,
>
> I'm curious how Radiator handles the the Inner authentication in, for
> instance, a TTLS->PAP authentication.

Radiator extracts the Diameter-like attributes tunnelled through the outer 
TTLS connection, and uses the attributes to create a new 'fake' inner Radius 
request which is then sent back to the top of the Radiator event handling 
system, where it will be redespatched to a Realm-or-Handler, and thence to 
one or more AuthBy clauses.

This means that you can do all sorts of stuff to the requests as they reenter 
the event handling system. For example you can set up a Handler that will 
only handle inner TTLS requests with:

<Handler  TunnelledByTTLS=1>

and then add or subtract attributes from the request with AddToRequest, 
StripFromRequest etc.

Hope that helps, but please let me know if I can tell you more.

Cheers.

>
>  Is it possible to artificially insert attributes from the outer tunnel
> into the inner (for instance, Calling-Station-Id)?  I've been trying to
> grok through EAP_21.pm, but so far I haven't been able to figure this
> out.
>
> Thanks!
>
> - Terry
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia   http://www.open.com.au
Phone +61 7 5598-7474                       Fax   +61 7 5598-7070

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS etc.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list