[RADIATOR] Alive\Update handlers with proxy
Heikki Vatiainen
hvn at open.com.au
Mon Dec 23 03:33:43 CST 2013
On 12/23/2013 09:25 AM, eliran shlomo wrote:
> How can i copy the attribute vales that are sent in the Access-Accept to
> the Accounting-Request?
If the attributes are fetched during the authentication, you could
consider AuthenticateAccounting and creating a Handler for the
accounting message which has an AuthBy with AuthenticateAccounting set
and for example, NoCheckPassword set.
This would force Radiator to run SQL and LDAP lookups for accounting too
allowing you to pull attribute values from the authentication backend.
Another alternative might be storing the values during authentication in
the Class attribute which the client will return with
Accounting-Requests. A hook could then process Class and push the
attributes in the accounting request message.
Yes another alternative is to create a hook that does all the necessary
lookups for the accounting messages. However, it might be possible to
use the two alternatives described above instead of doing everything
with a hook.
Thanks,
Heikki
> On Wed, Dec 18, 2013 at 5:33 PM, Heikki Vatiainen <hvn at open.com.au
> <mailto:hvn at open.com.au>> wrote:
>
> On 12/18/2013 09:44 AM, eliran shlomo wrote:
>
> > The attribute in the LDAP for RB-Context-Name has changed from
> safe to ngn.
> >
> > but in the accounting that sent to the proxy the attribute value
> didn't
> > changed.
> > RB-Context-Name = "safe"
> >
> > the hook is acting as expected the problem is that some of attribute
> > values stay the same and some of them changed.
>
> Hello Eliran,
>
> the Hook you sent only changes Class attribute. In other words, only
> $p->change_attr('Class', ...) is called but values of other attributes
> are not touched.
>
> The log you sent earlier shows that authentication and accounting
> requests are processed by different Handlers. This is very likely one
> reason why they change the attributes differently.
>
> Thanks,
> Heikki
>
>
> --
> Heikki Vatiainen <hvn at open.com.au <mailto:hvn at open.com.au>>
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
> DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
> NetWare etc.
> _______________________________________________
> radiator mailing list
> radiator at open.com.au <mailto:radiator at open.com.au>
> http://www.open.com.au/mailman/listinfo/radiator
>
>
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
More information about the radiator
mailing list