On May 18, 2009, at 11:16 AM, William Taylor wrote:
Im currently using freeradius 2.1.4
I need to lookup a username in a dbm and rewrite it before sending
off the proxy request.
I have achieved this by using the below method. But I was wondering
if there was a better way.
It would seem that invoking perl with every auth request might be bad.
Thanks in advance!
-William
In: /etc/raddb/dictionary
ATTRIBUTE My-Local-String 3000 string
In: sites-available/default
pre-proxy {
rewrite
update proxy-request {
User-Name := "%{proxy-request:My-Local-String}"
}
}
In: /etc/raddb/modules/rewrite
exec rewrite {
wait = yes
program = "/etc/raddb/rewriteusername.pl %{User-Name} %{Stripped-
User-Name} %{Realm}"
input_pairs = proxy-request
output_pairs = proxy-request
shell_escape = yes
}
In: /etc/raddb/rewriteusername.pl
#!/usr/bin/perl
use strict;
use DB_File;
my %h;
tie %h, "DB_File", "/etc/raddb/rewritemap.db", O_RDONLY, 0444,
$DB_HASH
or die "Cannot open file rewritemap.db: $!\n";
my $fuser = $ARGV[0];
my $suser = $ARGV[1];
my $realm = $ARGV[2];
if($realm eq "foobee.net") {
if($h{$suser}) {
print "My-Local-String=" . $h{$suser};
} else {
print "My-Local-String=$suser";
}
} else {
print "My-Local-String=$suser";
}
exit 0;
Anyone doing something similar ?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
