(RADIATOR) Re: Handlers for realm-present and realm-absent?

Hugh Irvine hugh at open.com.au
Wed Apr 26 17:44:06 CDT 2006


Hello Mark -

Try this:

# match any username with a realm suffix

<Realm DEFAULT>
	# proxy elsewhere
	......
</Realm>

# match usernames without a realm suffix

<Realm>
	# authenticate locally
	.....
</Realm>


hope that helps

regards

Hugh


On 27 Apr 2006, at 01:20, Mark D O'Leary wrote:

> Hopefully a quick question:
>
> I have two classes of user, distinguished by whether they supply a  
> realm or not with their username (and the realm could be anything -  
> I don't have a list I can match against). Those with no realm I  
> want to authenticate locally, those without a realm I want to proxy  
> elsewhere.
>
> At the moment I have a kludge solution whereby I use global  
> rewriteusernames to add a fake realm to any incoming requests that  
> don't have any realm component, and then use a realm clause for  
> this fake realm to handle the local authn, and a DEFAULT realm  
> clause to handle all the rest that had their own realms already.
>
> I can't help thinking that there must be a far more elegant way to  
> do this, perhaps with handlers?
>
> Any suggestions appreciated,
>
> M.
>
>
> --
> Mr Mark O'Leary
> IT Officer (Networks), IT Services, University of Manchester
> 0161 275 6110
>


NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list