[RADIATOR] Handler for EAP selection

Hugh Irvine hugh at open.com.au
Fri Jan 22 16:32:21 CST 2010 

Hello Markus -

You can try a PreProcessingHook in the default Handler together with an AuthBy Handler to redispatch the request.

Alternatively you could try a PreHandlerHook in the Client clause which adds some pseudo-attribute to the request to match a Handler.

See section 5.74 in the Radiator 4.5.1 reference manual ("doc/ref.pdf").

See also the example hooks in "goodies/hooks.txt".

regards

Hugh


On 22 Jan 2010, at 21:33, Markus Moeller wrote:

> Is there a way to select a Handler based on the EAP type ? As you can see I have to select somehow different files to check against.
>  
> <Handler   ...EAPType=MD5... >
>    Authby MACAuth
> </Handler>
>  
> <Handler   ...EAPTYPE=TLS... >
>    Authby CERTAuth
> </Handler>
>  
> #
> #       802.1x testing
> #
> <AuthBy FILE>
>   Identifier MACAuth
>   Filename %D/../data/mac_database
>   EAPType MD5-Challenge
> </AuthBy>
>  
>  
> <AuthBy FILE>
>   Identifier CERTAuth
>   Filename %D/../data/default_file_auth
>  
>   EAPType TLS
>  
>  
>   EAPTLS_CAFile %D/../data/certs/CA/ALL-ca-certs.pem
>  
>   EAPTLS_CertificateFile %D/../data/certs/cert.pem
>   EAPTLS_CertificateType PEM
>  
>   EAPTLS_PrivateKeyFile %D/../data/certs/key.pem
>   EAPTLS_PrivateKeyPassword bla
>  
>   EAPTLS_MaxFragmentSize 1000
>  
>   EAPTLS_CRLCheck
>  
>   EAPTLS_CRLFile %D/../data/certs/revocations.pem
> #
>   AutoMPPEKeys
> </AuthBy>
>  
> Thank you
> Markus
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator



NB: 

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets), 
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

More information about the radiator mailing list