> Is it possible to pass ALL auth. request attributes > to the stored procedure (in some kind of attr/value > comma-separated list) which verifies > username/password and returns accept/reject/challenge > status code and output attribute's list, that have to > be added to the response. > > The preffered method is ODBC (or something else to > work with MS-SQL). Stored procedure signature could > be as: > > CREATE PROCEDURE dbo.p_radAuth > @username varchar(253), > @password varchar(253), > @avplist_in varchar(2048), > @avplist_out varchar(2048) >
Well, The answer to your question is probably yes, but with some modifications. First of, you need to run a check to match the username and password done with authorize_check_query. You must return the fields id,username,attribute,value,op from the select-statement against your SP. This will make Freeradius able to match the stored password against the sent one. If ok, freeradius will execute authorize_reply_query.. (might run if password not ok, can't remember at the moment).. You will be a good databasedesigner and follow the simple and perfect strategy used by freeradius.. Add a row for each attribute you want to add to a user.. reply_query will run something like: SELECT id, username, attribute, value, op FROM radreply where username = .... With MSSQL you can run a select statement against a SP. The only thing you really need to think of is that Freeradius expects to get rows with the column-names id, username, attribute, value and op. If you manage to do that, you can do whatever you want :) Sincerely, Max! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
