Geoff Silver <[EMAIL PROTECTED]> wrote: > I noticed in the included raddb/proxy.conf file, the > post_proxy_authorize option notes that it's "deprecated and will be > removed in the future". I'm using that feature right now, so I'd > like to find out if there's a better way to handle the authorization > step, or else if this option can be left in the code. I *presume* > the right way is to add something to post-proxy {},
Yes. > but when I tried to duplicate my authorize section, I get nothing > but errors when trying to start radiusd. Probably because you're trying to reproduce the authorize stage exactly, which isn't necessary. > My authorization step can go in either the pre-proxy or post-proxy > section - the important thing is that the proxy server can handle > authentication, but I need to use the users file to do > authorization. Ideas on how to do this right are appreciated. > Thanks. If you don't say what the errors are, it's a little difficult to help you. My guess: you're putting "preprocess" in "post-proxy". The simplest thing to do is to not do that... Also, the "files" module doesn't have a "post-proxy" section in 1.1.x. It *does* have that in the CVS head. For now, you can probably leave "post_proxy_authorize = yes" Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html