(RADIATOR) ContinueWhileAccept weirdness

Hugh Irvine hugh at open.com.au
Tue Dec 20 14:43:42 CST 2005


Salut Laurent -

What you show below will not work for a number of reasons.

I think you will need a ReplyHook in the first AuthBy RADIUS clause  
which calls the second AuthBy RADIUS clause.

There is an example in "goodies/hooks.txt" in the Radiator 3.13  
distribution showing how to do this.

regards

Hugh



On 21 Dec 2005, at 04:18, PREVOSTO, Laurent wrote:

> Hi, i have the following conf :
>
>
>
> <AuthBy RADIUS>
>
>         Identifier radius-conf
>
>         Host localhost
>
>         AuthPort 1812
>
>         Secret secret
>
>         FailureBackoffTime 0
>
>         Retries 1
>
>         RetryTimeout 4
>
>         NoDefault
>
>         UseExtendedIds
>
>         Fork
>
>         Synchronous
>
> </AuthBy>
>
>
>
> <AuthBy RADIUS>
>
>         Identifier radius-auth
>
>         Host localhost
>
>         AuthPort 1912
>
>         Secret secret
>
>         FailureBackoffTime 0
>
>         Retries 1
>
>         RetryTimeout 4
>
>         NoDefault
>
>         UseExtendedIds
>
> </AuthBy>
>
>
>
> <Handler Realm=”test”>
>
>         AuthByPolicy ContinueWhileAccept
>
>         AuthBy radius-conf
>
>         AuthBy radius-auth
>
> </Handler>
>
>
>
> First radius (radius-conf) is mandatory and sets a few reply-items  
> depending on the context of the request
>
> Second radius (radius-auth) does per-user authentication.
>
>
>
> Since I want both radius to send an Accept so that the request is  
> really accepted
>
> And I want both reply-items groups to be mixed in the resulting  
> reply packet, I added Synchronous/Fork to the first AuthBy RADIUS  
> clause (looks like there is no othe way but I may be wrong)
>
>
>
> (that’s pretty close to the example shown in the documentation at  
> 6.30.18)
>
>
>
> But it doesn’t work : logs show that AuthBy radius-conf is treated  
> well. Then the request is forwarded to radius-authbut, although  
> radius-auth answers to the main proxy, the main proxy seems to  
> never receive the answer and therefore the response is not sent  
> back to the client.
>
> Oddly (or not) if I add Synchronous/Fork to the radius-auth <AuthBy  
> RADIUS> clause it works well.
>
>
>
> Is it normal ?
>
> Did I miss something ?
>
>
>
> Regards,
>
>
>
> Laurent
>
>


NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list