Hi,
I need to implement radiator configuration where for a some users
(~5k) after the user authentication (using AuthBy LDAPSDK)
AuthBy PORTLIMITCHECK and/or AuthBy DYNADDRESS is executed.
Is it ok to use Auth-Type attribute in the user LDAP entry (using
AuthAttrdef mapping) to define additional authentication checks
for a user ?
Example:
<AuthBy LDAPSDK>
Identifier LDAP_GetGroupAttr
.....
</AuthBy>
<AuthBy PORTLIMITCHECK>
Identifier MyPORTLIMITCHECK
.......
</AuthBy>
<AuthBy DYNADDRESS>
Identifier MyDYNADDRESS
......
</AuthBy>
# Called for Additional Auth
<AuthBy GROUP>
Identifier ExtendedAuth
......
AuthByPolicy ContinueWhileAccept
AuthBy LDAP_GetGroupAttr
AuthBy MyPORTLIMITCHECK
AuthBy MyDYNADDRESS
......
</AuthBy>
# Initial auth for all the users
<AuthBy LDAPSDK>
Identifier BasicAuth
......
# Get additional auth Identifier (if defined)
AuthAttrDef AuthType, Auth-Type, Check
</AuthBy>
# Handler for all the users
<Handler>
.......
AuthBy BasicAuth
.......
</Handler>
Thanks,
Valentin
+---------------------------->
| Valentin Tumarkin
| Xpert Trusted Systems Ltd.
| E-Mail: [EMAIL PROTECTED]
| Office: +972-9-9522380
| Mobile: +972-53-544887
+---------------------------->
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
