On Tue, Dec 07, 2004 at 12:40:41PM -0800, L.C. (Laurentiu C. Badea) wrote:
> Xtradius uses Auth-Type = External, freeradius appears to need Auth-Type = 
> Accept with an external script. Not a big deal, just thought I should 
> mention it because it is somewhat less intuitive (since after all, you can 
> turn it into a Reject via exit code).

You could add an Auth-Type to your local dictionary, and force Auth-Type
to that in authorization, if you're only ever going to authenticate from
that external script.

Otherwise, an rlm_exec in authorization which checks for conditions and
sets your custom Auth-Type would be the obvious method to me.

_Or_ your could put your script in post-auth, so it's always called, and
just have the authorisation section always return accept. ^_^

I guess there's no "External" Auth-Type because very few people are
doing checking that can't be handled in one of the auth-types supplied
already?

-- 
Paul "TBBle" Hampson, on an alternate email client.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to