Hello Jeremy -
You could do something along the lines of what you show below by using
an OSC-AVPAIR, but you will need to do some experiments as Reject
handling is different and you may need to use a hook to manipulate the
reply packet. There are some example hooks in the file
goodies/hooks.txt.
regards
Hugh
On Thursday, Oct 23, 2003, at 05:23 Australia/Melbourne, Jeremy Hinton
wrote:
Is there any way inside a Handler clause to access the reason for
the current requests failing, as it is accessible via %1 in an
AuthLog clause? I would like to be able to pass back the actual
failure reason to the client instead of the cryptic
Reply-Message=Request Denied. Something along the lines of the
following, where %x is the var for the failure reason:
Handler
SessionDatabase SDB_SQL
AuthBy Auth_SQL
StripFromReply Reply-Message
AddToReply Reply-Message=%x
/Handler
The reason for this is we are migrating to using an AuthBy RADIUS
setup, where one server proxies to another. Unfortunately, on the
proxy/ front end server, the %1/Reason in an AuthLog SQL clause is
always set to Proxy on all login failures, instead of the normally
descriptive failure reason. I realize this is because the proxy server
has no way of knowing what the failure reason is from the server its
passing the request to. Hence, my need to have the back-end server
insert the failure text into the reply packet. Then i can structure
the AuthLog SQL insert statement on my front end server to log
'%{Reply:Reply-Message}' instead of %1 for the failure reason. Does
this make sense?
- jeremy
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.