Hi John & Alan, Kindly clarify Does this means, it is posible to use only authorize function of FR and process all authentication requests with following virtual server?
1. server accept_all_requests { authorize { update control { Auth-Type := "Accept" } } } Thanks / Regards --RM On Wed, Jun 5, 2013 at 1:34 PM, Alan DeKok <al...@deployingradius.com>wrote: > John Dennis wrote: > > You're both right, now shake hands and make up :-) The problem with the > > term authorization in radius is used in a non-standard way that leads to > > confusion. The normal use of the term authorization (authz) indicates > > what a principal is permitted to do and a principal must be validated > > via authentication (authn) first. In radius authorization means > > collecting information necessary to perform the authentication > > operation. It's an unfortunate semantic difference that leads to a fair > > amount of confusion (myself included), but after a while you get used to > > it. > > It was a historical mistake in FreeRADIUS which has been kept for too > long. > > After 3.0 is released, we'll transition to a naming scheme that's a > little more complex, but much clearer. The idea is that every packet > has 3 stages: > > recv = receive the packet > process = process the packet > send = send the reply > > We can map the existing authorize / authenticate / etc. to these > processing stages. That change will be initially confusing, but will be > simpler. It will also enable the server to do more protocols that are > in the works. :) > > Alan DeKok. > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html