[RADIATOR] LDAP for authorization (no authentication)
Hugh Irvine
hugh at open.com.au
Tue Aug 11 18:24:06 CDT 2009
Hello Andrew -
There is an example in "goodies/hooks.txt".
regards
Hugh
On 12 Aug 2009, at 04:29, Andrew D. Clark wrote:
> Hi all,
>
> I'm using an AuthBy LDAP2 within a complex handler to retrieve some
> user
> attributes. Verification of the user's password happens elsewhere.
> Depending
> on the contents and/or existence of certain attributes, I want to
> either
> accept or reject the user. Most of the attributes I'm checking are
> multi-
> valued, when they are defined. I'm using AuthAttrDef to hold them
> like so:
>
> AuthAttrDef superSpecialAttribute,GENERIC,request
>
> And then processing them with a PostSearchHook.
> How can I make that AuthBy return an ACCEPT or REJECT with a
> PostSearchHook?
>
> --
> Andrew D. Clark
> Network Operations Engineer
> University of Minnesota, Networking/Telecom Services
> 2218 University Ave SE
> Minneapolis, MN 55414-3029
> Phone: 612-626-4880
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
NB:
Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
Have you checked the RadiusExpert wiki:
http://www.open.com.au/wiki/index.php/Main_Page
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
More information about the radiator
mailing list