(RADIATOR) SessionDatabase

Hugh Irvine hugh at open.com.au
Sat Feb 10 04:13:50 CST 2007 

Hello Fred -

You can use a PostAuthHook that runs after the corresponding AuthBy  
clause(s) return an Access-Accept. The hook code can call an AuthBy  
SQL clause, or it can run whatever accounting query you require.  
There are numerous examples in "goodies/hooks.txt". You can use this  
technique for simulating an accounting start, but I don't see what  
you could do for the accounting stop (other than periodic SNMP  
polling or something equally distasteful).

My preferred approach would be to acquire AP's that do sensible  
accounting.

regards

Hugh



On 10 Feb 2007, at 20:57, Fred Leeflang wrote:

> For UserTracking I'm currently using a SessionDatabase config block
> so that Radius sessions will be logged into the database. From the
> documentation:
>
> 5.8.3 AddQuery This SQL statement is executed whenever a new user  
> session starts (i.e. when an Accounting-Request Start message is  
> received).
>
> A lot of consumer AP's do not seem to support 802.1x accounting  
> however, so I'd
> like to create an alternative for it. I tried:
>
> <Handler TunnelledByTTLS=1>
>     SessionDatabase SessionSQL
>     ...
>
> which obviously doesn't work.
>
> Is there a way through which I can make Radiator fake an Accounting- 
> Request Start
> somehow when an Authentication is Accepted?
>
> The other challenge would be to somehow get Accounting-Request Stop  
> simulated
> somehow. It doesn't look like Radiator sees when a supplicant is  
> deauthenticated
> unless by an Accounting-Request Stop. Is there a way to detect that  
> a user has
> logged off besides the acct. ?



NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list