[RADIATOR] about soap authentication
Heikki Vatiainen
hvn at open.com.au
Wed Jun 5 08:49:43 CDT 2013
On 06/04/2013 05:19 PM, celalettin altinpinar wrote:
> I am preparing radius authentication solution. I need to fullfil
> following flow with radiator. Has somebody tried similar flow,
Hello Celalettin,
I think your authentication flow can be done with Radiator. See the
reference manual for AuthByPolicy which controls when the next AuthBy
needs to be tried in a Handler or AuthBy GROUP.
> 1. Authentication request
> 2. Radius will check user from DB
> 3. If user exist and password correct reply with Access -accept
> 4. If user doesn't exist or password doesn't match ask to query soap for
> user check if new user created there or password is updated there
> 5. If soap query has match return Access-accept and update local database.
> 6. Any other case return Access-reject.
>
> I am new to radiator and looking for easy way to do it. Can I do it with
> radiator soap authentication ui. If possible can you share some sample
> config related?
In this case you would need something like this:
<Handler ...>
AuthByPolicy ContinueWhileReject
<AuthBy SQL>
...
</AuthBy>
<AuthBy SOAPMODULE>
...
</AuthBy>
</Handler>
Notice I have used fictional AuthBy SOAPMODULE, not AuthBy SOAP. The
reason is you would need to adapt the existing AuthBy SOAP to work with
the SOAP interface your SOAP server requires. For more information about
what AuthBy SOAP included with Radiator does, please see goodies/soap*
files.
In your case I would consider finding out information about the SOAP
interface the SOAP server uses. You can then modify the existing AuthBy
SOAP module to work with that interface.
There is no generic SOAP authentication interface in Radiator. I do not
think one even exists. Fortunately it is possible to create an AuthBy
module that understands the SOAP interface you have to work with.
Thanks,
Heikki
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
More information about the radiator
mailing list