[RADIATOR] Authby ROUNDROBIN fallback
Francisco Rodrigo Cortinas Maseda
francisco.cortinas at jazztel.com
Thu Feb 11 08:03:31 CST 2010
Hi Jim,
First, create a new AuthBy that you want to handle the default response (AuthBy INTERNAL, for example; i use one called "RESPDEF"); give it a description; then use this NoReplyHook (its a modification of the one on the goodies directory of Radiator):
NoReplyHook sub {\
my $p = ${$_[0]};\
my $fp = ${$_[1]};\
my $rp = ${$_[2]};\
my $identifier = "RESPDEF";\
my $authby;\
if ($authby = Radius::AuthGeneric::find($identifier))\
{\
my ($rc, $reason) = $authby->handle_request($p, $rp);\
if ($rc == $main::ACCEPT)\
{\
$rp->set_code('Access-Accept');\
}\
else\
{\
$rp->set_code('Access-Reject');\
}\
}\
else\
{\
&main::log($main::LOG_ERR, "Respuesta por defecto - Identificador de AuthBY $identifier no encontrado");\
$rp->set_code('Access-Reject');\
}\
$p->{Client}->replyTo($p);\
return;\
}
Hope that helps.
-----Mensaje original-----
De: radiator-bounces at open.com.au [mailto:radiator-bounces at open.com.au] En nombre de jim at scusting.com
Enviado el: jueves 11 de febrero de 2010 14:43
Para: radiator at open.com.au
Asunto: [RADIATOR] Authby ROUNDROBIN fallback
Hi,
I'm currently have a handler doing proxy Radius with AuthBy ROUNDROBIN to a customers Radius server - however their Radius setup isn't that reliable (probably not using Radiator ;) ) and in the event of their Radius not responding I want to fall back to a default accept that will put the user in a walled garden.
As proxy Radius is asynchronous, is the only way to do this (without Synchronous which I dont want to due as they are not reliable) with the NoReplyHook? I have looked at goodies/noReplyFromProxy but my perl is rather non-existent. If I can get this hook to somehow respond with what I need (just needs an accept with RB-Context-Name="WalledGarden") will it it trigger when both of the servers in the ROUNDROBIN fail or just the one it happened to hit?
I suppose the other solution would be to have 2 seperate Radius servers defined instead of ROUNDROBIN and add a 3rd to the list which points to a local Radius server that always responds with the standard walled garden accept, and then if both timeout it will resort to the 3rd server until the 1st 2 have recovered after FailureBackoffTime?
Thanks.
Jim.
_______________________________________________
radiator mailing list
radiator at open.com.au http://www.open.com.au/mailman/listinfo/radiator
Antes de imprimir este e-mail piense bien si es necesario hacerlo.
--------------------------------------------------------------------------------
Este mensaje es privado y CONFIDENCIAL y se dirige exclusivamente a su destinatario. Si usted ha recibido este mensaje por error, no debe revelar, copiar, distribuir o usarlo en ning?n sentido. Le rogamos lo comunique al remitente y borre dicho mensaje y cualquier documento adjunto que pudiera contener. El correo electr?nico via Internet no permite asegurar la confidencialidad de los mensajes que se transmiten ni su integridad o correcta recepci?n. JAZZTEL no asume responsabilidad por estas circunstancias. Si el destinatario de este mensaje no consintiera la utilizaci?n del correo electr?nico via Internet y la grabaci?n de los mensajes, rogamos lo ponga en nuestro conocimiento de forma inmediata.Cualquier opini?n expresada en este mensaje pertenece ?nicamente al autor remitente, y no representa necesariamente la opini?n de JAZZTEL, a no ser que expresamente se diga y el remitente est? autorizado para hacerlo.
--------------------------------------------------------------------------------
This message is private and CONFIDENTIAL and it is intended exclusively for its addressee. If you receive this message in error, you should not disclose, copy, distribute this e-mail or use it in any other way. Please inform the sender and delete the message and attachments from your system.Internet e-mail neither guarantees the confidentiality nor the integrity or proper receipt of the messages sent. JAZZTEL does not assume any liability for those circumstances. If the addressee of this message does not consent to the use of Internet e-mail and message recording, please notify us immediately.Any views or opinions contained in this message are solely those of the author, and do not necessarily represent those of JAZZTEL, unless otherwise specifically stated and the sender is authorised to do so.
--------------------------------------------------------------------------------
More information about the radiator
mailing list