You can may be use Autz-Type (there is a documentation about this directive inside the /doc directory of freeradius tarball).
ex : authorise { preprocess Autz-Type dosql { sql } files } and in user you can set or not this check item : DEFAULT Autz-Type := dosql freeradius will first execute preprocess and files modules... then sql if Autz-Type is set to "dosql" Hope it helps Anthony with this in Le vendredi 27 mai 2005 à 14:32 +0200, Miguel Sennoun a écrit : > I have a question in relation with this configuration: > In the case module file (users) and then sql are activated. Is it possible > to go through sql module conditionally following what happened in the file > module? > In fact my file module can set an Auth-Type = Reject. In this case I would > like the sql module don't send request. But if Auth-Type has not been set > then sql querries are called. > Do you think it is possible? > > > -----Message d'origine----- > > De : [EMAIL PROTECTED] [mailto:freeradius-users- > > [EMAIL PROTECTED] De la part de Edgars > > Envoyé : vendredi 27 mai 2005 13:55 > > À : freeradius-users@lists.freeradius.org > > Objet : Re: sequence > > > > >>in the authentication module, what is happening if i have two sequential > > > > entries - 'sql' and after'file'. What is more prioritized? > > > > > Only one is chosen. > > > > > > But is it possible to have a chain of authentication modules, each > > performing > > its own task on the request, for example, rlm_passwd to modify the > > client's > > request (based on username, insert some additional attributes there), then > > one more rlm_passwd to check plain-text passwords, and then rlm_users to > > compose the reply? > > > > Thanks, > > > > Edgars > > > > > > > > Alan DeKok wrote: > > > > >Edgars <[EMAIL PROTECTED]> wrote: > > > > > > > > >>in the authentication module, what is happening if i have two sequential > > >>entries - 'sql' and after'file'. What is more prioritized? > > >> > > >> > > > > > > Only one is chosen. > > > > > > > > > > > >>I'm asking because of i want to have non-plaintext passwords while > > >>keeping in the file or DB. Does this make sense? > > >> > > >> > > > > > > I'm not sure what you mean by that. > > > > > > > > > > > >>If there is no way then there is a plan to use Kerberos for > > >>authentication and FreeRADIUS for authorization. > > >> > > >> > > > > > > See rlm_krb5, it's included with the server. > > > > > > Alan DeKok. > > > > > >- > > >List info/subscribe/unsubscribe? See > > http://www.freeradius.org/list/users.html > > > > > > > > > > > > > > > > - > > List info/subscribe/unsubscribe? See > > http://www.freeradius.org/list/users.html > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Anthony Hinsinger <[EMAIL PROTECTED]> - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html