[RADIATOR] Alive\Update handlers with proxy

Hugh Irvine hugh at open.com.au
Mon Dec 23 04:07:49 CST 2013 

Hello -

There is an example showing how to use the Class attribute in “goodies/hooks.txt”.

regards

Hugh


On 23 Dec 2013, at 20:33, Heikki Vatiainen <hvn at open.com.au> wrote:

> On 12/23/2013 09:25 AM, eliran shlomo wrote:
> 
>> How can i copy the attribute vales that are sent in the Access-Accept to
>> the Accounting-Request?
> 
> If the attributes are fetched during the authentication, you could
> consider AuthenticateAccounting and creating a Handler for the
> accounting message which has an AuthBy with AuthenticateAccounting set
> and for example, NoCheckPassword set.
> 
> This would force Radiator to run SQL and LDAP lookups for accounting too
> allowing you to pull attribute values from the authentication backend.
> 
> Another alternative might be storing the values during authentication in
> the Class attribute which the client will return with
> Accounting-Requests. A hook could then process Class and push the
> attributes in the accounting request message.
> 
> Yes another alternative is to create a hook that does all the necessary
> lookups for the accounting messages. However, it might be possible to
> use the two alternatives described above instead of doing everything
> with a hook.
> 
> Thanks,
> Heikki
> 
> 
>> On Wed, Dec 18, 2013 at 5:33 PM, Heikki Vatiainen <hvn at open.com.au
>> <mailto:hvn at open.com.au>> wrote:
>> 
>>    On 12/18/2013 09:44 AM, eliran shlomo wrote:
>> 
>>> The attribute in the LDAP for RB-Context-Name has changed from
>>    safe to ngn.
>>> 
>>> but in the accounting that sent to the proxy the attribute value
>>    didn't
>>> changed.
>>> RB-Context-Name = "safe"
>>> 
>>> the hook is acting as expected the problem is that some of attribute
>>> values stay the same and some of them changed.
>> 
>>    Hello Eliran,
>> 
>>    the Hook you sent only changes Class attribute. In other words, only
>>    $p->change_attr('Class', ...) is called but values of other attributes
>>    are not touched.
>> 
>>    The log you sent earlier shows that authentication and accounting
>>    requests are processed by different Handlers. This is very likely one
>>    reason why they change the attributes differently.
>> 
>>    Thanks,
>>    Heikki
>> 
>> 
>>    --
>>    Heikki Vatiainen <hvn at open.com.au <mailto:hvn at open.com.au>>
>> 
>>    Radiator: the most portable, flexible and configurable RADIUS server
>>    anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>>    Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
>>    TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
>>    DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
>>    NetWare etc.
>>    _______________________________________________
>>    radiator mailing list
>>    radiator at open.com.au <mailto:radiator at open.com.au>
>>    http://www.open.com.au/mailman/listinfo/radiator
>> 
>> 
> 
> 
> -- 
> Heikki Vatiainen <hvn at open.com.au>
> 
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
> DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
> NetWare etc.
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator


--

Hugh Irvine
hugh at open.com.au

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. 
Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.

More information about the radiator mailing list