[RADIATOR] Simple Question Regarding Realm Handling
Heikki Vatiainen
hvn at open.com.au
Fri Jan 7 16:25:22 UTC 2022
On 7.1.2022 18.08, Ullfig, Roberto Alfredo wrote:
> Wait no that won't work. I assume Realm= is looking for everything after
> the @ symbol so how about this?
>
> <Handler ConvertedFromEAPMSCHAPV2=1, Realm=/^\z|^uic\.edu\z/i>
Here's one more. Now it's clear that the whole User-Name is considered
and there's no reason to think realm as a separate thing:
# One or more non-@ characters followed by @uic.edu once or not at all
<Handler ConvertedFromEAPMSCHAPV2=1, User-Name=/^[^@]+(@uic\.edu)?\z/i>
> RewriteUsername s/^([^@]+).*/$1/
> <AuthBy SUSPEND>
> Dir /mnt/global/authinfo/campus_suspend
> </AuthBy>
> <AuthBy SUSPEND>
> Dir /mnt/global/authinfo/campus_delete
> </AuthBy>
> <AuthBy WIRELESS>
> Dir /mnt/global/authinfo/wireless
> </AuthBy>
> <AuthBy NTLM>
> DefaultDomain AD
> </AuthBy>
> <AuthLog SYSLOG>
> LogSuccess 1
> LogFailure 1
> Facility local0
> SuccessFormat %T : '%U' from %N
> mac=%{OuterRequest:Calling-Station-Id} -- Authentication OK
> FailureFormat %T : '%U' from %N
> mac=%{OuterRequest:Calling-Station-Id} -- Authentication FAILED
> </AuthLog>
> </Handler>
>
> <Handler ConvertedFromEAPMSCHAPV2=1>
> <AuthBy INTERNAL>
> DefaultResult REJECT
> </Handler>
> </Handler>
--
Heikki Vatiainen
OSC, makers of Radiator
Visit radiatorsoftware.com for Radiator AAA server software
More information about the radiator
mailing list