[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Help-gnu-radius] Always authenticating users, but returning IP Address
From: |
Ryan O'Connell |
Subject: |
[Help-gnu-radius] Always authenticating users, but returning IP Address for some |
Date: |
Tue, 15 Mar 2005 13:51:48 +0000 |
User-agent: |
Mozilla Thunderbird 1.0 (Windows/20041206) |
Hi,
I'm trying to set up a RADIUS server to always authenticate users
sucessfully, but return additional information (Static IP address) from
an SQL database for those that get the correct username and password. If
the incorrect password is used, ideally the user should still be
authenticated but without the Static IP. I initially tried matching
using %C{Password} in reply_attr_query but that approach doesn't work
with CHAP passwords.
I've now tried the following:
/usr/local/etc/raddb/users:
DEFAULT Auth-Type = Accept
Service-Type = Framed-User,
Framed-Protocol = PPP, (etc...)
Fall-Through = Yes
DEFAULT Auth-Type = Local,
Password-Location = SQL
Reply-Message = "Authenticated"
...and then checking %R{Reply-Message} in check_attr_query but it looks
like %R{} isn't available in check_attr_query and also only one
"Auth-Type" is allowed - any subsequent Auth-Type entries pass
regardless of what they are. (If I reverse the order of the two DEFAULT
entries above, all authentication fails except with a matching
username/password)
Is there any easy way around the above problems?
Thanks.
- [Help-gnu-radius] Always authenticating users, but returning IP Address for some,
Ryan O'Connell <=