Hugh & Mike,
While working on locking down multiple logins recently, i noticed an
interesting situation. I have a default realm of visi.net, so logging in as
bob and [EMAIL PROTECTED] are treated the same. I log into the server as bob. i
then try to log in to the server as [EMAIL PROTECTED] No
Hello Jeremy -
The way to deal with this situation is to add a column to the session
database to contain the rewritten username in addition to the original
username. Then you can do your session limit checking on the rewritten
username, and the NAS query can continue to use the original usernam
Hugh,
I had to postpone work on this for a bit, and am just now getting
back to it. Maybe i'm missing something, but i don't see how modifying the
session database would help with this. The session database part is fine,
its the NAS query that has the issue. From reviewing the perl code
Hello Jeremy -
If your session database contains session records that each have the
original username from the NAS, and the rewritten username (typically
all lowercase with the realm stripped off) added by the AddQuery, then
your CountQuery can be constructed to use the rewritten username and
Hugh,
i understand what you're saying, but i think you may still not
quite understand the issue i'm trying to describe. Below, i'll try to show
why your solution wouldn't address the problem.
Assume the following:
- acme.com is my default realm, so i can log in as jgh or [EMAIL PROTECTE
Hello Jeremy -
You are not understanding what I am saying.
What I am suggesting is that you use RewriteUsername(s) in your
Raditator configuration file so that all usernames get translated to
lower case with the Realm stripped off (for example).
Then in your scenario #1 below, the username get
Hugh,
I understand your suggestion, but i don't see how radiator can be
configured to do this. I don't mean storing the values in the session
database, this can be easily done with the AddQuery. I mean using the stuff
stored in the session database when performing the NAS query. So, my
Hugh,
I found an error in the patch after i mailed you, the corrected
version is below. Just to be clear, the patch does the following:
If your CountQuery SQL statement is written to return a fifth
argument (the default is just four), the value of the fifth argument is
used in
Hello Jeremy -
Many thanks for your patience and the patch (I finally realize what you
were trying to say).
The new version of SessSQL.pm is now available in the patches area of
the web site.
We really appreciate code contributions such as this.
Thanks again.
regards
Hugh
On Tuesday, Mar 1
