Re: Rewriting User-Name in pre-proxy
On May 22, 2009, at 6:13 AM, Alan DeKok wrote If you use the Perl module rather than exec'ing a program, it would be more efficient. Alan DeKok. - Hi Alan thanks for the response. I tried to use the perl module at first but the hash was read only. So I couldn't figure out how to get the value back into freeradius. Is it possible to do the same the with the perl module that I'm doing with the exec module ? So far I have tried modifying the REQUEST hash from pre_proxy in perl and also tried printing out My-Local-String like I'm doing in exec. Neither seem to work. Thanks, William - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Rewriting User-Name in pre-proxy
On May 22, 2009, at 6:33 AM, Alan DeKok wrote:
The REQUEST hash is for the *request*. You are trying to edit the
*proxy* request. Use:
$RAD_REQUEST_PROXY{'Attr-name'} = foo;
Alan DeKok.
Hmmm i'll dbl check. Last time RAD_REQUEST_PROXY wasn't available.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Rewriting User-Name in pre-proxy
On May 18, 2009, at 11:16 AM, William Taylor wrote:
Im currently using freeradius 2.1.4
I need to lookup a username in a dbm and rewrite it before sending
off the proxy request.
I have achieved this by using the below method. But I was wondering
if there was a better way.
It would seem that invoking perl with every auth request might be bad.
Thanks in advance!
-William
In: /etc/raddb/dictionary
ATTRIBUTE My-Local-String 3000 string
In: sites-available/default
pre-proxy {
rewrite
update proxy-request {
User-Name := %{proxy-request:My-Local-String}
}
}
In: /etc/raddb/modules/rewrite
exec rewrite {
wait = yes
program = /etc/raddb/rewriteusername.pl %{User-Name} %{Stripped-
User-Name} %{Realm}
input_pairs = proxy-request
output_pairs = proxy-request
shell_escape = yes
}
In: /etc/raddb/rewriteusername.pl
#!/usr/bin/perl
use strict;
use DB_File;
my %h;
tie %h, DB_File, /etc/raddb/rewritemap.db, O_RDONLY, 0444,
$DB_HASH
or die Cannot open file rewritemap.db: $!\n;
my $fuser = $ARGV[0];
my $suser = $ARGV[1];
my $realm = $ARGV[2];
if($realm eq foobee.net) {
if($h{$suser}) {
print My-Local-String= . $h{$suser};
} else {
print My-Local-String=$suser;
}
} else {
print My-Local-String=$suser;
}
exit 0;
Anyone doing something similar ?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Rewriting User-Name in pre-proxy
Im currently using freeradius 2.1.4
I need to lookup a username in a dbm and rewrite it before sending off
the proxy request.
I have achieved this by using the below method. But I was wondering if
there was a better way.
It would seem that invoking perl with every auth request might be bad.
Thanks in advance!
-William
In: /etc/raddb/dictionary
ATTRIBUTE My-Local-String 3000 string
In: sites-available/default
pre-proxy {
rewrite
update proxy-request {
User-Name := %{proxy-request:My-Local-String}
}
}
In: /etc/raddb/modules/rewrite
exec rewrite {
wait = yes
program = /etc/raddb/rewriteusername.pl %{User-Name} %{Stripped-
User-Name} %{Realm}
input_pairs = proxy-request
output_pairs = proxy-request
shell_escape = yes
}
In: /etc/raddb/rewriteusername.pl
#!/usr/bin/perl
use strict;
use DB_File;
my %h;
tie %h, DB_File, /etc/raddb/rewritemap.db, O_RDONLY, 0444, $DB_HASH
or die Cannot open file rewritemap.db: $!\n;
my $fuser = $ARGV[0];
my $suser = $ARGV[1];
my $realm = $ARGV[2];
if($realm eq foobee.net) {
if($h{$suser}) {
print My-Local-String= . $h{$suser};
} else {
print My-Local-String=$suser;
}
} else {
print My-Local-String=$suser;
}
exit 0;
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
