[RADIATOR] Rewrite userna functionality for use in ldap_aps authby
Alex Sharaz
A.Sharaz at hull.ac.uk
Mon Apr 30 10:10:28 CDT 2012
Hi,
I've been playing with Radsec to link together geographically remote servers with final authentication being against an Apple Lion Server open directory. What I've got is
Radiator 4.9/Linux at Hull University --> IPv4 --> RADSEC --> Radiator 4.9 on Linux server on other side of the planet --> IPv6 --> RADSEC --> Radiator 4.9 on OS X authenticating via AuthBy LDAP_APS
And it works!!
At the Uni server end I can use radpwtst to authenticate against a user account living on the OS X server in its local open directory.
e.g.
radpwtst -s 150.237.85.225 -secret <really not telling you> -user alexsharaz -password <not telling this either> -auth_port 1812 -noacct -mschapv2
Giving
Mon Apr 30 15:17:03 2012 915117: DEBUG: Packet dump:
*** Sending to 150.237.85.225 port 44905 ....
Code: Access-Accept
Identifier: 108
Authentic: <202><17><206><247>p<152><232><172>D=<143><211>`c<4><198>
Attributes:
MS-CHAP2-Success = "<1>S=C6DBD8A40EF6F44FB232337FD2B95BDAED769E9F"
MS-MPPE-Send-Key = 2<20>T<166><161><161><232><170><31>kh<229><9><151>/<180>
MS-MPPE-Recv-Key = <1><23><253><132><11>x<174><191>^<153><153>843<238>U
User-Name = "alexsharaz"
However, what I actually want to do is send a username with a realm of sharaz.info and have the realm stripped out of the user name. When I auth to Radiator on a windoze platform I can use
RewriteUsername s/^([^@]+).*/$1/
To strip off the realm.
Is there any way I can do the username rewrite at the OS X end?
Rgds
Alex