(RADIATOR) changing the realm.

Wed, 11 Jul 2001 10:33:44 -0700 

Hello all,

I am trying to take the username (including realm or not) that comes in
from the packet, strip the realm and then put on a new one based on the
radius client that is providing the packet. I have the following in a
client block:

<Client 127.0.0.1>
   RewriteUsername s/^([^@]+).*/$1/
   Secret mysecret
   PreHandlerHook sub { ${$_[0]}->change_attr('Realm','home'); \
                        my $request = ${$_[0]}; \
                        my $attrref = $request->{Attributes}; \
                        my @attr = @$attrref; \
                        foreach (@attr) { \
                           my @attr2 = @$_; \
                           my $attr3; \
                           foreach $attr3 (@attr2) { \
                              print "attribute is '$attr3'\n"; \
                           }\
                        }\
                     }
</Client>

Mostly, what happens is I try and use the 'change_attr' method to change
the realm from whatever it was to 'home'. However, when I tried then
using a <Handler  Realm = home> block, it never noticed the new realm,
and continued with the old realm as per the following log file segment:

attribute is 'User-Name'
attribute is 'hamlin'
attribute is 'Service-Type'
attribute is 'Framed-User'
attribute is 'NAS-IP-Address'
attribute is '203.63.154.1'
attribute is 'NAS-Port'
attribute is '1234'
attribute is 'Called-Station-Id'
attribute is '123456789'
attribute is 'Calling-Station-Id'
attribute is '987654321'
attribute is 'NAS-Port-Type'
attribute is 'Async'
attribute is 'Framed-IP-Address'
attribute is '255.255.255.254'
attribute is 'User-Password'
attribute is 'ϸfß5pö¼8         Ø}x'
attribute is 'Realm'
attribute is 'home'
Wed Jul 11 10:45:34 2001: DEBUG: Packet dump:
*** Received from 65.13.83.72 port 1027 ....
Code:       Access-Request
Identifier: 124
Authentic:  1234567890123456
Attributes:
        User-Name = "[EMAIL PROTECTED]"
        Service-Type = Framed-User
        NAS-IP-Address = 203.63.154.1
        NAS-Port = 1234
        Called-Station-Id = "123456789"
        Calling-Station-Id = "987654321"
        NAS-Port-Type = Async
        Framed-IP-Address = 255.255.255.254
        User-Password =
"<207><184>f<154><223>5p<246><188>8<9><160><216>}x<153>"
Wed Jul 11 10:45:34 2001: DEBUG: Rewrote user name to hamlin
Wed Jul 11 10:45:34 2001: DEBUG: Check if Handler Realm = home should be
used to handle this request
Wed Jul 11 10:45:34 2001: DEBUG: Check if Handler  should be used to
handle this request
Wed Jul 11 10:45:34 2001: DEBUG: Handling request with Handler ''
Wed Jul 11 10:45:34 2001: DEBUG:  Deleting session for
[EMAIL PROTECTED], 203.63.154.1, 1234

As you can see, when printing out attributes, it shows the Realm to be
'home', and later when doing the packet dump, the username is
[EMAIL PROTECTED] as it was sent from the radius client. Maybe this is
not possible, which would be OK I have other ideas to work around it.
But now I'm curious.

Griff Hamlin, IIII


===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Reply via email to