(RADIATOR) AuthBy SQL, AuthColumnDef with vendor specific attr

Hugh Irvine hugh at open.com.au
Mon Jun 27 09:30:28 CDT 2005


Hello Steve -

I would probably put the entire string as shown below in the database  
and reference it like this:


         cisco-avpair="atm:peak-cell-rate=1024"


         <AuthBy SQL>
                 .....
                 AuthColumnDef 3, GENERIC, reply
                 .....
         </AuthBy>


The advantage here is you can add as many reply attributes as you like.

regards

Hugh


On 27 Jun 2005, at 10:22, Steve Rogers wrote:

> Hi Hugh,
>
> As I understand, what you are suggesting is fine for all users or  
> groups of
> users etc, but we want to do this on a per-user basis based on  
> values in the
> DB.
>
> What would you suggest to do this - hooks or similar?
>
> Thanks
> Steve
>
> -----Original Message-----
> From: owner-radiator at open.com.au [mailto:owner- 
> radiator at open.com.au] On
> Behalf Of Hugh Irvine
> Sent: 27 June 2005 14:51
> To: Steve Rogers
> Cc: 'António Fernandes'; radiator at open.com.au
> Subject: Re: (RADIATOR) AuthBy SQL, AuthColumnDef with vendor  
> specific attr
>
>
> Hello Steve -
>
> If you just want to add something to the reply you should use
> AddToReply:
>
>          <AuthBy SQL>
>                  ......
>                  AddToReply cisco-avpair="atm:peak-cell-rate=1024"
>          </AuthBy>
>
> Note the use of the quotes.
>
> regards
>
> Hugh
>
>
> On 27 Jun 2005, at 09:19, Steve Rogers wrote:
>
>
>> Hi,
>>
>>
>>
>> I just cut ‘n’ paste the wrong bit out of the debug log – oops.
>>
>>
>>
>> Sun Jun 26 22:00:57 2005: DEBUG: Radius::AuthSQL looks for match
>> with test
>>
>> Sun Jun 26 22:00:57 2005: DEBUG: Radius::AuthSQL ACCEPT:
>>
>> Sun Jun 26 22:00:57 2005: DEBUG: Access accepted for test
>>
>> Sun Jun 26 22:00:57 2005: WARNING: No such attribute cisco-
>> avpair=atm:peak-cell-rate
>>
>> Sun Jun 26 22:00:57 2005: DEBUG: Packet dump:
>>
>> *** Sending to X.X.X.X port 1645 ....
>>
>> Code:       Access-Accept
>>
>> Identifier: 45
>>
>> Authentic:  XXXX
>>
>> Attributes:
>>
>>         cisco-avpair=atm:peak-cell-rate = 512
>>
>>         Service-Type = Framed-User
>>
>>         Framed-Protocol = PPP
>>
>>
>>
>> Steve
>>
>> From: António Fernandes [mailto:afernandes at egp.up.pt]
>> Sent: 27 June 2005 10:33
>> To: 'Steve Rogers'; radiator at open.com.au
>> Subject: RE: (RADIATOR) AuthBy SQL, AuthColumnDef with vendor
>> specific attr
>>
>>
>>
>> Hi!
>>
>>
>>
>> In the log it appears "cisco-apair". Is this a typo???
>>
>>
>>
>> Yours,
>>
>>
>>
>> Antonio Fernandes
>>
>> Oporto Management School
>>
>> Oporto University
>>
>>
>>
>>
>>
>> From: owner-radiator at open.com.au [mailto:owner-
>> radiator at open.com.au] On Behalf Of Steve Rogers
>> Sent: segunda-feira, 27 de Junho de 2005 9:21
>> To: radiator at open.com.au
>> Subject: (RADIATOR) AuthBy SQL, AuthColumnDef with vendor specific
>> attr
>>
>> Hi,
>>
>>
>>
>> We have a mysql DB which does not contain checkattr and replyattr
>> fields (and we can’t add them).  We’ve been looking at
>> AuthColumnDef with AuthSelect to fetch column data and return it in
>> a reply, but as the VSA we want to return is a cisco-avpair we’re
>> having problems.
>>
>>
>>
>> Really we’d like
>>
>>
>>
>> AuthColumnDef  3, cisco-avpair=atm:peak-cell-rate=1024
>>
>>
>>
>> This is what happens in the debug
>>
>>
>>
>> Sun Jun 26 22:00:14 2005: DEBUG: Radius::AuthSQL looks for match
>> with test
>>
>> Sun Jun 26 22:00:14 2005: DEBUG: Radius::AuthSQL ACCEPT:
>>
>> Sun Jun 26 22:00:14 2005: DEBUG: Access accepted for test
>>
>> Sun Jun 26 22:00:14 2005: WARNING: No such attribute cisco-
>> apair=atm:peak-cell-rate
>>
>>
>>
>> What’s the best way to do this, or should we do it in a
>> PostAuthSelectHook?
>>
>>
>>
>> Any help much appreciated!
>>
>>
>>
>> Thanks
>>
>> Steve
>>
>>
>>
>
>
> NB: I am travelling this week, so there may be delays in our
> correspondence.
>
> -- 
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
>
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>


NB: I am travelling this week, so there may be delays in our  
correspondence.

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list