[RADIATOR] <AuthBy SQL> and AuthColumnDef

Heikki Vatiainen hvn at open.com.au
Thu Nov 10 16:17:01 CST 2011


On 11/09/2011 09:08 PM, Michael wrote:
> 
> For <AuthBy SQL>, does anyone know if sql returned values from AuthSelect and configured as 'request' with AuthColumnDef are suppose to be added to the request packet if the authentication fails?  It does add if success, but doesn't seem to add values to the request packet if it fails.  I don't see the answer to that question in the docs section bellow.

I think they are not supposed to be returned. That is, reply attributes
are only returned for Access-Accept from an AuthBy.

Note that if you do AddToReply in a Client clause, it will add to
Access-Challenge and Access-Reject too.

> 5.29.9
> 
> AuthColumnDef
> 
> This optional parameter allows you to change the way Radiator interprets the result of
> the AuthSelect statement. If you don’t specify any AuthColumnDef parameters, Radia-
> tor will assume that the first column returned is the password; the second is the check
> items (if any) and the third is the reply items (if any). If you specify any AuthColumn-
> Def parameters, Radiator will use the column definitions you provide.
> 
> You can specify any number of AuthColumnDef parameters, one for each interesting
> field returned by AuthSelect. The general format is:
> 
> AuthColumnDef n, attributename, type
> 
> • n is the index of the field in the result of AuthSelect. 0 is the first field.
> 
> • attributename is the name of the attribute to be checked or replied. The value of the
> attribute is in the nth field of the result. The special attributename ‘GENERIC’ indi-
> cates that it is a list of comma separated attribute=value pairs.
> 
> • type indicates whether it is a check or reply item. A type of ‘request’ sets the named
> attribute in the incoming request, from where it can be retrieved later in the authenti-
> cation process with special formatting characters.
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator


-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.


More information about the radiator mailing list