(RADIATOR) <Handler> - question...
Martin Wallner
Martin.Wallner at eunet.co.at
Thu Jun 22 10:43:11 CDT 2006
Thanks, 'Realm=' did the trick for me...
=mw=
> -----Original Message-----
> From: owner-radiator at open.com.au
> [mailto:owner-radiator at open.com.au] On Behalf Of Hugh Irvine
> Sent: Donnerstag, 22. Juni 2006 04:40
> To: Martin Wallner
> Cc: radiator at open.com.au
> Subject: Re: (RADIATOR) <Handler> - question...
>
>
> Hello Martin -
>
> You should set up a test environment so you can try these
> things for yourself to see what happens.
>
> <Handler Realm = //>
>
> will match any username with or without a realm suffix
>
> <Handler User-Name = /\@/>
>
> will match any username with a realm suffix
>
> <Handler Realm =>
>
> will match any username without a suffix
>
> hope that helps
>
> regards
>
> Hugh
>
>
> On 22 Jun 2006, at 01:25, Martin Wallner wrote:
>
> > Hi All,
> >
> > It looks I've been a bit stuck here...
> >
> > Q: Is it possible, to prepare a Handler that matches for
> example for a
> > Called-Station-ID and a 'no realm' username?
> >
> > Like:
> >
> > <Handler Called-Station-Id = csib|csia,Realm=//>
> > handling stuff
> > </Handler>
> >
> > <Handler Realm=/^myrealm$/i>
> > handling stuff of the same CSI's, but with realm on another
> > Authentication sheme...
> > </Handler>
> >
> >
> > which - IMHO - should match for
> >
> > CSI = (csia OR csib) AND Realm = ''
> >
> > so that I can fiddle around with calls coming in with the same two
> > CSI's, but WITH a realm in later handlers?
> >
> > I have multiple CSI's on one Tunnel, coming from different
> > corporations we merged in, and that would be the only way
> to allow the
> > 'plain' (no realm) usernames and authenticate it against
> one LDAP-Tree
> > that some of the customers are used to, and work (on another
> > LDAP-Tree) for the users with realms....
> >
> > If this is not possible, it would probably come in handy
> sometimes to
> > have a possibility to be able distinctivly negate, like <Handler
> > Check1 = blah, Check2 != /.*/> .... :-)
> >
> >
> > regards
> > Martin Wallner (=mw=)
> >
> > -----
> > Eunet Telekom GmbH
> > (Member of eTel-Group) e-mail
> 'martin.wallner at eunet.co.at
> >
> > vorm. Nextra Österreich e-mail
> 'martin.wallner at nextranet.at'
> > vorm. ViP EDV-Dienstleistungs GesmbH e-mail
> 'hostmaster at vip.at'
> > vorm. Gramtel Austria GmbH. e-mail 'hostmaster at gramtel.at'
> > Systems RIPE: WM355-RIPE
> > Nussdorfer Lände 23 NicAT: WM503823-NICAT
> > 1190 Wien, Vienna, Austria Tel. +43 (0) 59 1 59 - 1354
> >
> > --
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on radiator-announce at open.com.au To
> unsubscribe, email
> > 'majordomo at open.com.au' with 'unsubscribe radiator' in the
> body of the
> > message.
>
>
> NB:
>
> Have you read the reference manual ("doc/ref.html")?
> Have you searched the mailing list archive
> (www.open.com.au/archives/ radiator)?
> Have you had a quick look on Google (www.google.com)?
> Have you included a copy of your configuration file (no
> secrets), together with a trace 4 debug showing what is happening?
>
> --
> Radiator: the most portable, flexible and configurable RADIUS
> server anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> -
> Nets: internetwork inventory and management - graphical,
> extensible, flexible with hardware, software, platform and
> database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
>
>
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list