In FreeRADIUS version 1.x I was able to add a vendor specific AV pair to
an Access-Accept message based on the User-Name. Users are *not*
specifying a realm, therefore the FR 1.x server proxies all requests to
another RADIUS server by virtue of the NULL stanza in the proxy.conf
file. The post_proxy_authorize directive is set to "yes" inside
proxy.conf, so the users file is processed twice (on request and
response).
The FR 1.x users file contains an entry similar to the following:
foo User-Name == "foo"
Vendor-User-Group += "bar"
When user foo successfully authenticates, the Vendor-User-Group
attribute is passed from FR to the NAS with the value "bar".
I want to set the value of the Vendor-User-Group attribute based on the
User-Name. I do not want the user to specify a realm in their User-Name
and set the value of Vendor-User-Group based on the realm.
How do I conditionally add an AV pair post-proxy with FreeRADIUS version
2.1.7?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
