[RADIATOR] Authentication without check attributes

Jesús Rodríguez jesusr at voztele.com
Fri Oct 19 12:56:08 CDT 2012


Hi Heikki,

El 04/10/2012, a las 20:48, Heikki Vatiainen <hvn at open.com.au> escribió:

> On 10/04/2012 11:47 AM, Jesús Rodríguez wrote:
> 
>> Is possible to use a value returned in an <AuthBy SQL> AuthSelect query in a subsequent <AuthBy>?.
> 
> Yes. Instead of using 'check' as the type for AuthColumnDef, use
> 'request'. That will put the retrieved value in the request for later
> use. For the details, please see the reference manual section '5.31.11
> AuthColumnDef'.


This is exactly what i needed, thanks!!.

Regards.



>> An example:
>> 
>> <Handler Client-Identifier=preauth,Calling-Station-Id="1234567">
>> 	AuthByPolicy ContinueWhileAccept
>> 	AddToRequest X-pre-auth-required-result = 1
>> 	<AuthBy SQL>
>> 		AuthSelect select validate_preauth('%{Calling-Station-Id}','',%0,'','','','','','','','','','',0,1,0,now())
>> 		AuthColumnDef 0, X-pre-auth-required-result, check
>> 	</AuthBy>
>> 
>> In this case, the AuthSelect would return two values. The first one is used as check value. I would like to get the second returned value and use it in a subsequent <AuthBy> within the same <Handler> clause. Is possible to save the second value in a variable or pseudo-attribute and use it later on?.
>> 
>> Thanks and regards.
>> 
>> 
>> 
>> 
>> 
>> El 27/06/2012, a las 13:21, Jesús Rodríguez <jesusr at voztele.com> escribió:
>> 
>>> ---------- Forwarded message ----------
>>> From: Heikki Vatiainen <hvn at open.com.au>
>>> Date: Sun, Jun 24, 2012 at 10:59 PM
>>> Subject: Re: [RADIATOR] Authentication without check attributes
>>> To: radiator at open.com.au
>>> 
>>> 
>>> On 06/23/2012 04:32 PM, Jesús Rodríguez wrote:
>>> 
>>>> To authenticate a dsl pre-authentication request, i have to use a mysql function query (using AuthBy mysql) that returns 1 (accept) or 0 (reject), with no check attributes or other values i can use as check parameters.
>>>> 
>>>> How can i send the Accept or Reject based on the returned 1 or 0 values?.
>>> 
>>> Try something like this:
>>> 
>>> <Handler ...>
>>>   AddToRequest  X-pre-auth-required-result = 1
>>>   <AuthBy SQL>
>>>       AuthSelect your-mysql-function
>>>       AuthColumnDef 0, X-pre-auth-required-result, check
>>>   ...
>>> ...
>>> 
>>> Here X-pre-auth-required-result is a local pseudo-attribute. You can
>>> name it as you want, but the main thing is it will never come from the
>>> NAS and has a fixed value you can compare against value returned from
>>> MySQL function.
>>> 
>>> Thanks,
>>> Heikki
>> 







More information about the radiator mailing list