[RADIATOR] Query LDAP during the authentication process
Heikki Vatiainen
hvn at open.com.au
Mon Jan 7 13:10:55 CST 2013
On 01/07/2013 01:15 PM, Vicaretti Vincenzo (Guest) wrote:
> Hello,
> I use Radiator as a Proxy Radius for EAP-TLS and PEAP method, can I
> enter a query ldap during the authentication process? Is possible? There
> are examples of configuration?
>
> If I use Radiator as a Radius Server for EAP-TLS and PEAP method, can
> I enter a query ldap during the authentication process? There are examples
> of configuration?
Yes, that is possible. Try something like this:
<Handler ...>
AuthByPolicy ContinueWhileAccept
<AuthBy LDAP2>
...
</AuthBy>
<AuthBy RADIUS>
...
</AuthBy>
</Handler>
The above will only proxy if LDAP authentication returns ACCEPT.
The thing to remember here is AuthBy RADIUS will not wait for the reply
by default but returns IGNORE immediately. Once the next hop proxy
returns the reply, this reply is returned back to the calling client.
Thanks,
Heikki
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
More information about the radiator
mailing list