[RADIATOR] Simple Question Regarding Realm Handling

Ullfig, Roberto Alfredo rullfig at uic.edu
Fri Jan 7 20:19:34 UTC 2022 

Thanks! Using "User-Name" simplifies things.

---
Roberto Ullfig - rullfig at uic.edu
Systems Administrator
Enterprise Applications & Services | Technology Solutions
University of Illinois - Chicago
________________________________
From: radiator <radiator-bounces at lists.open.com.au> on behalf of Heikki Vatiainen <hvn at open.com.au>
Sent: Friday, January 7, 2022 10:25 AM
To: radiator at lists.open.com.au <radiator at lists.open.com.au>
Subject: Re: [RADIATOR] Simple Question Regarding Realm Handling

On 7.1.2022 18.08, Ullfig, Roberto Alfredo wrote:

> Wait no that won't work. I assume Realm= is looking for everything after
> the @ symbol so how about this?
 >
> <Handler ConvertedFromEAPMSCHAPV2=1, Realm=/^\z|^uic\.edu\z/i>

Here's one more. Now it's clear that the whole User-Name is considered
and there's no reason to think realm as a separate thing:

# One or more non-@ characters followed by @uic.edu once or not at all
<Handler ConvertedFromEAPMSCHAPV2=1, User-Name=/^[^@]+(@uic\.edu)?\z/i>

>          RewriteUsername s/^([^@]+).*/$1/
>          <AuthBy SUSPEND>
>                  Dir /mnt/global/authinfo/campus_suspend
>          </AuthBy>
>          <AuthBy SUSPEND>
>                  Dir /mnt/global/authinfo/campus_delete
>          </AuthBy>
>          <AuthBy WIRELESS>
>                  Dir /mnt/global/authinfo/wireless
>          </AuthBy>
>          <AuthBy NTLM>
>                  DefaultDomain AD
>          </AuthBy>
>          <AuthLog SYSLOG>
>                  LogSuccess 1
>                  LogFailure 1
>                  Facility local0
>                  SuccessFormat %T : '%U' from %N
> mac=%{OuterRequest:Calling-Station-Id} -- Authentication OK
>                  FailureFormat %T : '%U' from %N
> mac=%{OuterRequest:Calling-Station-Id} -- Authentication FAILED
>          </AuthLog>
> </Handler>
>
> <Handler ConvertedFromEAPMSCHAPV2=1>
>           <AuthBy INTERNAL>
>               DefaultResult REJECT
>           </Handler>
> </Handler>

--
Heikki Vatiainen
OSC, makers of Radiator
Visit radiatorsoftware.com for Radiator AAA server software
_______________________________________________
radiator mailing list
radiator at lists.open.com.au
https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.open.com.au%2Fmailman%2Flistinfo%2Fradiator&data=04%7C01%7Crullfig%40uic.edu%7C6a07f502d3dc40a7873f08d9d1fa8084%7Ce202cd477a564baa99e3e3b71a7c77dd%7C0%7C0%7C637771696106898180%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=pubYjSFyxqQTS4WFGA9GyhcnK%2FDh4bxkbGqSxWEGyRk%3D&reserved=0
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.open.com.au/pipermail/radiator/attachments/20220107/7303bef8/attachment-0001.html>

More information about the radiator mailing list