Geoff Silver [EMAIL PROTECTED] wrote:
I noticed in the included raddb/proxy.conf file, the
post_proxy_authorize option notes that it's deprecated and will be
removed in the future. I'm using that feature right now, so I'd
like to find out if there's a better way to handle the authorization
step, or else if this option can be left in the code. I *presume*
the right way is to add something to post-proxy {},
Yes.
but when I tried to duplicate my authorize section, I get nothing
but errors when trying to start radiusd.
Probably because you're trying to reproduce the authorize stage
exactly, which isn't necessary.
My authorization step can go in either the pre-proxy or post-proxy
section - the important thing is that the proxy server can handle
authentication, but I need to use the users file to do
authorization. Ideas on how to do this right are appreciated.
Thanks.
If you don't say what the errors are, it's a little difficult to
help you.
My guess: you're putting preprocess in post-proxy. The simplest
thing to do is to not do that...
Also, the files module doesn't have a post-proxy section in
1.1.x. It *does* have that in the CVS head.
For now, you can probably leave post_proxy_authorize = yes
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html