Fajar. Thanks for the tip. This indeed works. In fact as Alan alluded to, placing the configuration in either users or the module will work. Here are the configurations that worked:
/etc/raddb/users: DEFAULT Auth-Type = Perl Fall-Through = yes OR /etc/raddb/example: # Function to handle authorize sub authorize { # For debugging purposes only &log_request_attributes; # Here's where your authorization code comes # You can call another function from here: &test_call; $RAD_CHECK{'Auth-Type'} = "Perl"; $RAD_CHECK{'Fall-Through'} = "yes"; return RLM_MODULE_OK; } Cheers and thanks! Diego On Tue, Jun 12, 2012 at 10:16 PM, Fajar A. Nugraha <l...@fajar.net> wrote: > On Wed, Jun 13, 2012 at 6:01 AM, Diego Matute <dmat...@cyphercor.com> > wrote: > > >> > 2/ How does Auth-Type get set? I've read a bunch of forum threads and > it > >> > looks like best practice nowadays is to let the server figure it out > and > >> > not set it explicitly in /etc/raddb/users, however it isn't being set. > >> > >> It isn't being set because the default distribution doesn't use > rlm_perl. > >> > >> If you want to *force* usage of rlm_perl, you need to set Auth-Type. > >> If you want to let the server just do the right thing, leave everything > >> alone. > >> > > > > What is the best practice for this? Should the Auth-Type be set in > > /etc/raddb/users, within the module, /etc/raddb/sites-available/*? > > Why do you want to set Auth-Type? As Alan already said, if you want > to let the server just do the right thing, leave everything alone. > Meaning, you leave auth-type alone, use rlm_perl to supply user data > (e.g. cleartext-password) as needed during authorization, and let the > default authentication methods (pap, mschap, etc) does its job. If you > force set auth-type, then you're not following best practice. > > That being said, from within rlm_perl you could probably set the > attribute on %RAD_CHECK (or is it %RAD_CONFIG?). If ALL your users > will use perl to authenticate then something like the default section > on /etc/raddb/users should do. > > -- > Fajar > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html