Limiting Simultaneous Logins (Using Free radius and Mysql at back end)

Thu, 20 Jan 2005 01:01:17 -0800 

I want to limit the users so that multiple logins are not allowed
using a single account.

At our company we have ( proprietary ) server which forwards
authentication requests to radius  which is configured to query Mysql
and confirm the user credentials.

I have done the following 


radcheck table 
+----+-------------------------+-----------+----+-------+
| id | UserName                | Attribute | op | Value |
+----+-------------------------+-----------+----+-------+
|  7 | [EMAIL PROTECTED] | Password  | == | baen1 |
|  6 | [EMAIL PROTECTED] | Auth-Type | := | Local |
+----+-------------------------+-----------+----+-------+

usergroup table 

+----+-------------------------+-----------+
| id | UserName                | GroupName |
+----+-------------------------+-----------+
|  1 | [EMAIL PROTECTED] | demo      |
+----+-------------------------+-----------+


 radgroupcheck table 
+----+-----------+------------------+----+-------+
| id | GroupName | Attribute        | op | Value |
+----+-----------+------------------+----+-------+
|  1 | demo      | Simultaneous-Use | := | 1     |
+----+-----------+------------------+----+-------+


The queries in sql.conf are :

 authorize_check_query = "SELECT id,UserName,Attribute,Value,op FROM
${authcheck_table} WHERE Username = '%{SQL-User-Name}' ORDER BY id"
        
authorize_reply_query = "SELECT id,UserName,Attribute,Value,op FROM
${authreply_table} WHERE Username = '%{SQL-User-Name}' ORDER BY id"

 authorize_group_check_query = "SELECT
${groupcheck_table}.id,${groupcheck_table}.GroupName,${groupcheck_table}.Attribute,${groupcheck_table}.Value,${groupcheck_table}.op
 FROM ${groupcheck_table},${usergroup_table} WHERE
${usergroup_table}.Username = '%{SQL-User-Name}' AND
${usergroup_table}.GroupName = ${groupcheck_table}.GroupName ORDER BY
${groupcheck_table}.id"

 authorize_group_reply_query = "SELECT
${groupreply_table}.id,${groupreply_table}.GroupName,${groupreply_table}.Attribute,${groupreply_table}.Value,${groupreply_table}.op
 FROM ${groupreply_table},${usergroup_table} WHERE
${usergroup_table}.Username = '%{SQL-User-Name}' AND
${usergroup_table}.GroupName = ${groupreply_table}.GroupName ORDER BY
${groupreply_table}.id"

simul_count_query = "SELECT COUNT(*) FROM ${acct_table1} WHERE
UserName='%{SQL-User-Name}' AND AcctStopTime = 0"

 simul_verify_query = "SELECT RadAcctId, AcctSessionId, UserName,
NASIPAddress, NASPortId, FramedIPAddress, CallingStationId,
FramedProtocol FROM ${acct_table1} WHERE UserName='%{SQL-User-Name}'
AND AcctStopTime = 0"

I tried to follow the instructions in the documentation page
"Simultaneous-Use" which comes with free radius package  but obviously
i am doing some thing wrong .

Incase Anyone knows the answer or can put me in the right direction ,
please   help me  with that .

Thank you ..

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to