[RADIATOR] SessionDatabaseUseRewrittenName

Ian Henderson ianh at chime.net.au
Fri Nov 21 00:12:25 CST 2008 

Hi all,

I'm running a very simple Radiator installation that keeps a session database of connected users from wired 802.1x, wireless 802.1x and VPN (a sort of "where's bob" utility). I'm using 'SessionDatabaseUseRewrittenName' with two rewrites - one to lowercase, and then Windows domain\user to user at domain. The session database isn't seeing the rewritten username though.

Ubuntu Linux 8.04.1
Radiator 4.3.1
MySQL 5.0.51a-3ubuntu5.3-log

Log entries show the rewrites occurring, and then the replace into using the old username. This is causing MySQL to interpret the slash as a control character. For example, a user 'DOMAIN\nick' is being interpreted by MySQL as 'DOMAIN<newline>ick'.

Fri Nov 21 05:56:22 2008: DEBUG: Rewrote user name to domain\johndoe
Fri Nov 21 05:56:22 2008: DEBUG: Rewrote user name to johndoe at domain
Fri Nov 21 05:56:22 2008: DEBUG: session Replacing session for johndoe at domain, 10.59.208.3, 17380
Fri Nov 21 05:56:22 2008: DEBUG: do query is: 'replace into RADONLINE (USERNAME, NASIPADDRESS, ACCTSESSIONID, TIME_STAMP, FRAMEDIPADDRESS, NASPORTTYPE, CISCONASPORT, CALLEDSTATIONID, CALLINGSTATIONID) values ("DOMAIN\johndoe", '10.59.208.3', '000064B4', 1227246982, '', 'Wireless-IEEE-802-11', '', '0016.9cba.c780', '001c.bf8a.c9d8')':

Anybody have any ideas? Config follows.

-----
Foreground
AcctPort 1813,1646
AuthPort 1812,1645
BindAddress 0.0.0.0
LogDir /var/log/radiator/
DbDir /etc/radiator/
LogFile %L/acct.log
Trace 10

<Client DEFAULT>
    Secret xxxxx
    DupInterval 0
</Client>

<Handler>
        # Translate all uppercase to lowercase
        RewriteUsername tr/A-Z/a-z/
        # Rewrite domain/user into user at domain
        RewriteUsername s/^(.*)\\(.*)/$2\@$1/

        <AuthBy SQL>
        </AuthBy>

        SessionDatabaseUseRewrittenName

</Handler>

<SessionDatabase SQL>
        Identifier session
        DBSource    dbi:mysql:radius
        DBUsername  xxxxx
        DBAuth      xxxxx

        ReplaceQuery replace into RADONLINE (USERNAME, NASIPADDRESS, ACCTSESSIONID, TIME_STAMP, FRAMEDIPADDRESS, NASPORTTYPE, CISCONASPORT, CALLEDSTATIONID, CALLINGSTATIONID) values ("%u", '%{NAS-IP-Address}', '%{Acct-Session-Id}', %{Timestamp}, '%{Framed-IP-Address}', '%{NAS-Port-Type}', '%{Cisco-NAS-Port}', '%{Called-Station-Id}', '%{Calling-Station-Id}')

        DeleteQuery delete from RADONLINE where NASIPADDRESS = '%{NAS-IP-Address}' and ACCTSESSIONID='%{Acct-Session-Id}'

</SessionDatabase>
-----

Thanks,



- I.

--
Ian Henderson, CCIE #14721
Senior Network Engineer, iiNet Limited

More information about the radiator mailing list