[RADIATOR] Handler code for Access-Reject

Hugh Irvine hugh at open.com.au
Tue Jul 1 00:55:10 CDT 2008


Hello Carl -

You can use an AuthBy INTERNAL for this.


# Handler to reject everything

<Handler>
	<AuthBy INTERNAL>
		DefaultResult REJECT
		.....
	</AuthBy>
</Handler>


See section 5.48 in the Radiator 4.2 reference manual ("doc/ref.pdf").

regards

Hugh


On 28 Jun 2008, at 02:46, Carl Gibbons wrote:

> What's the simplest way to code a <Handler> that always rejects an  
> Access-Request?
>
> The primary goal is to have this 'reject-by-default' handler at the  
> bottom of the config file, so that if an Access-Request isn't  
> matched by a more specific handler earlier in the config, then it's  
> automatically rejected by the this one. A secondary goal is to have  
> the reject-by-default handler put an attribute in the Access-Reject  
> that distinguishes its rejection from those that an earlier handler  
> may yield.
>
> - Carl Gibbons
>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator



NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
Have you checked the RadiusExpert wiki:
http://www.open.com.au/wiki/index.php/Main_Page

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.




More information about the radiator mailing list