(RADIATOR) <Handler> - question...

Martin Wallner Martin.Wallner at eunet.co.at
Thu Jun 22 10:43:11 CDT 2006


Thanks, 'Realm=' did the trick for me... 

=mw=
 

> -----Original Message-----
> From: owner-radiator at open.com.au 
> [mailto:owner-radiator at open.com.au] On Behalf Of Hugh Irvine
> Sent: Donnerstag, 22. Juni 2006 04:40
> To: Martin Wallner
> Cc: radiator at open.com.au
> Subject: Re: (RADIATOR) <Handler> - question...
> 
> 
> Hello Martin -
> 
> You should set up a test environment so you can try these 
> things for yourself to see what happens.
> 
> <Handler Realm = //>
> 
> will match any username with or without a realm suffix
> 
> <Handler User-Name = /\@/>
> 
> will match any username with a realm suffix
> 
> <Handler Realm =>
> 
> will match any username without a suffix
> 
> hope that helps
> 
> regards
> 
> Hugh
> 
> 
> On 22 Jun 2006, at 01:25, Martin Wallner wrote:
> 
> > Hi All,
> >
> > It looks I've been a bit stuck here...
> >
> > Q: Is it possible, to prepare a Handler that matches for 
> example for a 
> > Called-Station-ID and a 'no realm' username?
> >
> > Like:
> >
> > <Handler Called-Station-Id = csib|csia,Realm=//>
> >    handling stuff
> > </Handler>
> >
> > <Handler Realm=/^myrealm$/i>
> >    handling stuff of the same CSI's, but with realm on another 
> > Authentication sheme...
> > </Handler>
> >
> >
> > which - IMHO - should match for
> >
> > CSI = (csia OR csib) AND Realm = ''
> >
> > so that I can fiddle around with calls coming in with the same two 
> > CSI's, but WITH a realm in later handlers?
> >
> > I have multiple CSI's on one Tunnel, coming from different 
> > corporations we merged in, and that would be the only way 
> to allow the 
> > 'plain' (no realm) usernames and authenticate it against 
> one LDAP-Tree 
> > that some of the customers are used to, and work (on another 
> > LDAP-Tree) for the users with realms....
> >
> > If this is not possible, it would probably come in handy 
> sometimes to 
> > have a possibility to be able distinctivly negate, like <Handler 
> > Check1 = blah, Check2 != /.*/> .... :-)
> >
> >
> > regards
> > Martin Wallner (=mw=)
> >
> > -----
> > Eunet Telekom GmbH			
> > (Member of eTel-Group) 			e-mail 
> 'martin.wallner at eunet.co.at
> >
> > vorm. Nextra Österreich			e-mail 
> 'martin.wallner at nextranet.at'
> > vorm. ViP EDV-Dienstleistungs GesmbH	e-mail 
> 'hostmaster at vip.at'
> > vorm. Gramtel Austria GmbH.		e-mail 'hostmaster at gramtel.at'
> > Systems					RIPE:     WM355-RIPE
> > Nussdorfer Lände 23			NicAT:    WM503823-NICAT
> > 1190 Wien, Vienna, Austria		Tel. +43 (0) 59 1 59 - 1354
> >
> > --
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on radiator-announce at open.com.au To 
> unsubscribe, email 
> > 'majordomo at open.com.au' with 'unsubscribe radiator' in the 
> body of the 
> > message.
> 
> 
> NB:
> 
> Have you read the reference manual ("doc/ref.html")?
> Have you searched the mailing list archive 
> (www.open.com.au/archives/ radiator)?
> Have you had a quick look on Google (www.google.com)?
> Have you included a copy of your configuration file (no 
> secrets), together with a trace 4 debug showing what is happening?
> 
> --
> Radiator: the most portable, flexible and configurable RADIUS 
> server anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, 
> extensible, flexible with hardware, software, platform and 
> database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
> 
> 
> 
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
> 

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list