(RADIATOR) Modify SessionID

Hugh Irvine hugh at open.com.au
Sun Mar 4 16:59:00 CST 2007


Hello Joe -

You could do something like this:


#define Client clause with an Identifier

<Client 1.1.1.1>
	Identifier SomeTag_
	.....
</Client>

......

# define Handlers

<Handler .....>

	<AuthBy SQL>
		......
		AcctColumnDef AcctSessionID, %{Client:Identifier}%{Acct-Session- 
Id}, formatted

	</AuthBy>

</Handler>


I haven't tested the above, but you should get the idea.

regards

Hugh


On 5 Mar 2007, at 08:16, Joe Hughes wrote:

> Hi
>
> I have a scenario where we had a number of expired sessions from a
> given Nas. This Nas was since replaced but kept the same IP address
> etc. The Nas is now accepting new sessions which are being stored in
> said database. The problem is, now they are hitting the same
> SessionID's as previous sessions stored from the previous Nas. I build
> the various keys in the database based around NasID, NasPort and
> SessionID - but the scenario remains where all 3 can match, and things
> can get a little screwy.
>
> What I want to do is modify the SessionID in the accounting records
> before it hits our database, perhaps prefixing it an arbitary value.
> e.g. If the SessionID was 00000A1 it would be become X_00000A1. I
> guess my options are
>
> a) See if there's an option on the Nas to manipulate the SessionID
> b) Do some kind of hook/logic in the database to prefix the value
> c) Manipulate the SessionID on the RADIUS box where it does the DB  
> inserts
>
> I use my own DB session management, so c) is perhaps the most
> desirable option. I have looked at the different options and I think
> the AcctColumnDef \formatted method may be the best.
>
> Currently I have (For Nas X )
>
>        AcctColumnDef	AcctSessionID,Acct-Session-Id
>
> Can this be changed to
>
>        AcctColumnDef	AcctSessionID,X_{Acct-Session-Id},formatted
>
> Do I need to specify a variable for the value "X_" and can this be
> taken from within the handler?  Then if the NAS is replaced in the
> future with the risk of duplicate sessionIDs, I can simply change the
> value X_ to something else.
>
> (Or - is there a better way entirely?)
>
> Cheers
>
> Joe
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.



NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list