[RADIATOR] Detect if EAP is done for loging
Heikki Vatiainen
hvn at open.com.au
Fri Sep 20 15:42:30 UTC 2019
On 20/09/2019 16.05, Dubravko Penezic wrote:
> is it possible to detect if <AuthBy LDAP2> did EAP or just do simple
> authentication ?
With AuthLog you could consider specials %x, %X and %{EAPTLS:Protocol}.
The last one is tells TLS version for TLS based EAP methods, such as
EAP-TTLS and PEAP.
Another possibility would be to use separate Handler for EAP and use a
different AuthLog within this Handler. Then you could have EAP
authentication logs, for example, in a separate file.
Thanks,
Heikki
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, TACACS+, PAM, Active Directory,
EAP, TLS, TTLS, PEAP, WiMAX, RSA, Vasco, Yubikey, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, etc.
More information about the radiator
mailing list