Hello Marc - Realms are *always* evaluated before Handlers, so you should do this:
<Handler> .... </Handler> instead of <Realm DEFAULT> ..... </Realm> regards Hugh On Saturday, Jan 11, 2003, at 01:48 Australia/Melbourne, Marc wrote:
Hi to everybody,
Does anybody can give me some advice on why all requests that should be
rejected (the ones with User-Password attribute set to ascend) are granted
instead ?
The scenario is the following :
The bottom of my radius.cfg file looks like :
<Handler User-Password=ascend>
<AuthBy INTERNAL>
DefaultResult REJECT
</AuthBy>
</Handler>
<Realm DEFAULT>
# Lets check everything and log to SQL
AuthBy DoChecks
# Log authentication success and failure
AuthLog myauthlogger
</Realm>
And there are no more Realm or Handler statements before those.
I've looked into radiator documentation and it says :
* Look for a Realm with an exact match on the realm name
* If still no exact match, look for a matching regular expression
Realm
* If still no match, look for a <Realm DEFAULT>
* If still no match, look at each Handler in the order they appear in
the configuration file until one where all the check items match the
request.
* If still no match, ignore (i.e. do not reply to) the request.
If that's true and I understand it well, how can I do to ALWAYS parse the
hanlder statement before the Realm DEFAULT ?
Thank you very much in advance,
M
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
-- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
