Arran Cudbard-Bell wrote: > Yes, so have it tell the outer server... Insert the (attached) snippet > into the authorize section of the inner server.
$ git format-patch ? > I believe the User-Name attribute in outer.reply is cached, and > available for use on session resumption. Yes. > Once you've got the policies moved to post-auth, then any scripts or > lookups used for authorisation will only be run once, so far greater > efficiency with complex policies. Rejects are still handled properly > even within the Post-Auth section (jumps to Post-Auth-Type reject). Documentation suggestions are always welcome. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html