Re: [RADIATOR] AuthBy SQL Reject or Accept in the SQL results

Thu, 09 Feb 2012 06:32:31 -0800 

On 02/09/2012 01:43 PM, Michael wrote:

> I use a reject column in my user database, and SELECT it like this:
> SELECT username, crypt, CONCAT('Reject:',reject), ....
> 
> and:
> AuthColumnDef   2, Auth-Type, check

Yes, this is a very good method to do it.

> so, if the reject column is NULL, CONCAT returns NULL and it passed, but if 
> the reject column has text in it, CONCAT returns 'Reject:reject reason', and 
> the user is rejected.

Also, if SQL call returns 'Accept', the password check must still be
successful. So Auth-Type by itself does not accept the user if the
password is wrong.

A slight difference between this method and using hooks is the returned
Reply-Message with bad password. The above method returns Bad password
while with hooks it's possible to return message from SQL call.

Thanks!
Heikki

> 
> 
> On 12-02-08 12:40 PM, Lee Solway wrote:
>> Is there a way I can set an access Accept or Reject in the MySQL results
>> generated by AuthBy SQL?
>>
>> Currently I have a stored procedure that I call in the following.. I
>> would like the SP to be able to reject the Access-Request with an error
>> message also if possible..
>>
>>      AuthSelect            CALL get_reply_attr('%U')
>>      AuthColumnDef     0, GENERIC, reply
>>      AuthColumnDef     1, User-Password, check
>>
>> Thanks,
>> Lee
>> _______________________________________________
>> radiator mailing list
>> radiator@open.com.au
>> http://www.open.com.au/mailman/listinfo/radiator
>>
>>
> _______________________________________________
> radiator mailing list
> radiator@open.com.au
> http://www.open.com.au/mailman/listinfo/radiator


-- 
Heikki Vatiainen <h...@open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
_______________________________________________
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator

Reply via email to