Hi,
> authorize {
> if (User-Name =~ /^(.*)@(.*)/) {
> update request {
> User-Name := "%{1}"
> Realm := "%{2}"
> }
> if (Realm !~ /mydomain\.ox\.ac\.uk/i) {
> # invalid
> reject
> }
> }
> }
beware of blank outerid as per the RFC - ie @mydomain.ox.ac.uk is 100% legit.
you need to ensure that the unlang and regex handles this.
> Which is "better" will depend on exactly what you're trying to do. I use
> the former, but mostly for historical reasons. The latter may be
> somewhat more flexible.
I've moved to the latter because of the flexibility - especially if you have
3rd party realms to deal with that wont be sent off to a default external proxy
farm.
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
