Hello Hugh,
I am trying to implement a handler for strictly numeric logins without
domain,
as distinct from our alphanumeric logins, which have default domains.
We have default domains defined on the clients as either nobbys.net.au
or
terrigal.net.au. depending on the client location. I cant seem to get a
regex expression
working which matches on a numeric login and an appended alpha domain.
# define an AuthBy GROUP to do both checks
<AuthBy GROUP>
Identifier CheckPassword
AuthByPolicy ContinueUntilAccept
AuthBy CheckClearTextPassword
AuthBy CheckEncryptedPassword
</AuthBy>
# Handler for only numeric login
# If unsucessful then logins should fall through to the Realm Handlers.
#<Handler User-Name = /^(?!A-Za-z-_@)/>
# Strip what ever domain we appended at the NAS
# RewriteUsername s/^([^@]+).*/$1/
# RejectHasReason
# <AuthBy RADIUS>
# Identifier xxxxx
# Host 202.xxx.xxx.33,202.xxx.xxx.34
# Secret xxxxxxxxxxxx
# AuthPort 1645
# AcctPort 1646
# RetryTimeout 10
# </AuthBy>
#</Handler>
#
# Now on to realm handlers
# Used for handling requests with realms (sec 6.12)
<Handler Realm = /(nobbys.net.au|nobbys.net|nobbys)/i>
RejectHasReason
#Strip the realm from all requests for nobbys.net.au realms
RewriteUsername s/^([^@]+).*/$1/
RewriteUsername tr/A-Z/a-z/
# Log accounting for this realm to the following file in LogDir (sec
6.13.4)
AcctLogFileName %L/account.%Y%m%d
#
Set the number of simultaneous sessions allowed for users in this realm
# (sec 6.13.3)
MaxSessions 1
# File that records all authentication attempts for this realm (sec
6.13.7)
PasswordLogFileName %L/password.%Y%m%d
AuthBy CheckPassword
#</Handler
As it stands it picks the domains, and and the numeric servers block
alpha usernames
>
> Hello Elias -
>
> At 13:12 +0700 28/3/31, Elias wrote:
>
> Hi,
>
>
>
> Is there a way to detect login prefixes with radiator? I
> want to detect logins such as [EMAIL PROTECTED]
> [prefix/login@domain] and proxy the request to another
> radius server. Can this be done? Thanks.
>
>
>
>
>
> This is very easily done with Handlers and Perl regexp's:
>
> # configure AuthBy RADIUS clause for proxy
>
> <AuthBy RADIUS>
> Identifier ProxyTo....
> .....
> </AuthBy>
>
> # special Handler for prefix and proxy
> # where "prefix" is the string you want to match
>
> <Handler User-Name = /^prefix...../>
> RewriteUsername ......
> AuthBy ProxyTo....
> </Handler>
>
> You will need to consult the Camel book (Perl reference) for the exact
> syntax of the regexp for what you want to do.
>
> hth
>
> Hugh
>
Your structure there is a little different. Are there reasons to take
the AuthBy from
the Handler User-Name?
Thanks Ken
--
Ken Kirkby
PLC Peripherals * Nobbys Net + Terrigal Net
http://www.plc-peripherals.com
Real Time Hardware and Software - Cisco Certified Regional ISP.
PO Box 815 Terrigal NSW 2260 Australia. ph +61 2 4385 2335 fx +61 2
4385 3720
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
