On Mon, Jul 1, 2013 at 3:30 PM, Arran Cudbard-Bell <a.cudba...@freeradius.org> wrote: > > On 1 Jul 2013, at 17:59, Matt Zagrabelny <mzagr...@d.umn.edu> wrote: > >> Greetings, >> >> I am using a Pg datastore to hold authentication data and using the Pg >> module for FR to hook into it. >> >> I am using a basic view for the radius_check table: >> >> # SELECT * from radius_check_users where username = 'mzagrabe'; >> id | username | attribute | op | value >> -------+----------+----------------+----+------------------------------------ >> 1 | mzagrabe | Crypt-Password | := | $1$somehash >> >> I'd also like to have the option of denying users with something like: >> >> atlas-# SELECT * from radius_sanction where username = 'mzagrabe'; >> id | username | attribute | op | value >> -------+----------+-----------+----+-------- >> 1 | mzagrabe | Auth-Type | := | Reject >> (1 row) >> >> I'd like to create a UNION of these two views so that both records >> would be returned when FR queried for 'mzagrabe'. Is it enough to >> ensure that the "Reject" records appears before the "Crypt-Password" >> records in the resulting UNION for FR to reject the request? > > It can appear before or after, it doesn't matter. > > https://github.com/FreeRADIUS/freeradius-server/blob/master/src/modules/rlm_pap/rlm_pap.c#L330
Great! Thanks, Arran! Sincerely, -mz - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
