subject:"\(RADIATOR\) Re\: SessionDatabse SQL and Multiple Logins"

(RADIATOR) Re: SessionDatabse SQL and Multiple Logins

2002-05-26 Thread Hugh Irvine



Hello Vignesa -

This question comes up now and again (you will find the discussions on the 
archive site http://www.open.com.au/archives/radiator).

If you look at the delete query closely, you will see that it is the 
NASIDENTIFIER and NASPORT values that are used.

delete from RADONLINE where NASIDENTIFIER='%1' and NASPORT=0%2

This is a preventative maintenance approach to keeping the session database 
up to date. As you know, radius is UDP-based and accounting records can and 
do go missing from time to time. This being the case, Radiator always does a 
delete for the NAS-Identifier and NAS-Port attributes contained in an access 
request. The reasoning being that there cannot already be a session on that 
NAS-Identifier/NAS-Port combination, by definition (a new call cannot come in 
on a channel that already has a call on it).

hth

Hugh


On Mon, 27 May 2002 02:35, Vignesa Moorthy wrote:
 I have configured my Radiator 3.0  3.1 to use a Mysql database for session
 management.

 I assume that SessionDatabase SQL is a global directive.

 In each relam that I only want to permit single logins. I have specified
 DefaultSimultaneousUse 1

 I am using the database schema for the RADONLINE from the goodies dir.

 The strange thing is the following:

 when an authentication request is first received,

 DEBUG: do query is: delete from RADONLINE where NASIDENTIFIER=

 if this is done, the user's session will always be deleted from the
 database. As such multiple logins will be permitted.

 Is there something I am missing here?

 Regards

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) Re: SessionDatabse SQL and Multiple Logins

2002-05-26 Thread radius


Dear Hugh,

The problem we are faced with is that the NAS we use does not use ports. It
sends the port type as 5 being virtual to the Radius. So all sessions by
any user gets stored in the database with having a port of 0 as such, when
the delete from RADONLINE where NASIDENTIFIER='%1' and NASPORT=0%2 is
called, all my users get deleted.

Regards

- Original Message -
From: Hugh Irvine [EMAIL PROTECTED]
To: Vignesa Moorthy [EMAIL PROTECTED]; [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Monday, May 27, 2002 7:54 AM
Subject: (RADIATOR) Re: SessionDatabse SQL and Multiple Logins



 Hello Vignesa -

 This question comes up now and again (you will find the discussions on the
 archive site http://www.open.com.au/archives/radiator).

 If you look at the delete query closely, you will see that it is the
 NASIDENTIFIER and NASPORT values that are used.

 delete from RADONLINE where NASIDENTIFIER='%1' and NASPORT=0%2

 This is a preventative maintenance approach to keeping the session
database
 up to date. As you know, radius is UDP-based and accounting records can
and
 do go missing from time to time. This being the case, Radiator always does
a
 delete for the NAS-Identifier and NAS-Port attributes contained in an
access
 request. The reasoning being that there cannot already be a session on
that
 NAS-Identifier/NAS-Port combination, by definition (a new call cannot come
in
 on a channel that already has a call on it).

 hth

 Hugh


 On Mon, 27 May 2002 02:35, Vignesa Moorthy wrote:
  I have configured my Radiator 3.0  3.1 to use a Mysql database for
session
  management.
 
  I assume that SessionDatabase SQL is a global directive.
 
  In each relam that I only want to permit single logins. I have specified
  DefaultSimultaneousUse 1
 
  I am using the database schema for the RADONLINE from the goodies dir.
 
  The strange thing is the following:
 
  when an authentication request is first received,
 
  DEBUG: do query is: delete from RADONLINE where NASIDENTIFIER=
 
  if this is done, the user's session will always be deleted from the
  database. As such multiple logins will be permitted.
 
  Is there something I am missing here?
 
  Regards

 --
 Radiator: the most portable, flexible and configurable RADIUS server
 anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
 -
 Nets: internetwork inventory and management - graphical, extensible,
 flexible with hardware, software, platform and database independence.
 ===
 Archive at http://www.open.com.au/archives/radiator/
 Announcements on [EMAIL PROTECTED]
 To unsubscribe, email '[EMAIL PROTECTED]' with
 'unsubscribe radiator' in the body of the message.



===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) Re: SessionDatabse SQL and Multiple Logins

Re: (RADIATOR) Re: SessionDatabse SQL and Multiple Logins

2 matches

Site Navigation

Mail list logo

Footer information