sounds like you may be trying to do something that is pretty complex. maybe you should be thinking about creating your own custom Auth Clause. section 17.0 in the Radiator manual. For example, i've created my own Auth Clause (AuthUNIX_UID) to support the UID value from unix password files as it was required for my purpose. The normal AuthUNIX doesn't do anything with UIDs.
On 12-02-16 09:55 AM, Alby wrote: > Hi Michael, > thank you for your answer! > I agree with you, if you can do what you need with Radiator's configuration, > of course it is a better way to operate. But I need to implement a sort of > Self-Provisioning procedure. When a new user tries to authenticate, I first > let Radiator rejects the request (because the user does not have an account > on the system). But then I check if the user satisfies with some > prerequisites (e.g. a special password used and some more). If so, I create > an account for the new user (and write the SQL database from my PostAuthHook) > and then notify it of the account creation, for example by mail. Up to now, I > use a PostAuthHook script to do that. It works very well, the only matter is > about the performance when writing to the database because I connect and > disconnect each time. I've tried to do it in other ways, but without any > success, since up to now this seems to be the best solution. > Cheers, > Alberto > > Il giorno 16 febbraio 2012 15:32, Michael <ri...@vianet.ca > <mailto:ri...@vianet.ca>> ha scritto: > > I hate to answer a question with another question, but what, why and/or > when are you writing data to the sql? I write data to sql but I do it > through any combination of <AuthBy SQL> <AuthLog SQL>, and sometimes an > AuthBy SessionDB. Works much better for me. I try to avoid custom hooks if > at all possible. The ability for hooks is great to have, but if Radiator can > already do a task just through config, i try to do it that way instead of a > hook. > > So, if you want to write something to a table for example ever time a > user authenticates, use an <AuthBy AuthLog>, a SuccessQuery, and "LogSuccess > 1". > if you want to write something when stop packets come in, use <AuthBy > SQL>, with "HandleAcctStatusTypes Stop", and a AcctSQLStatement. > > depends on what you need to do. > > > > On 12-02-16 09:17 AM, Alby wrote: > > Hi all, > I'm using radiator with a SQL database that stores the users' data. > I've also a PostAuthHook that writes some data on the SQL database. Up to now > my Hook connects to the database, writes the data and then disconnects. I > suspect that connecting and disconnecting each time I write to the database > is not a really good idea (expecially for the performance). I've noticed that > Radiator opens the connection to the database only the first time, then > reuses it (this is of course a better way than mine). Since the database that > I write is the same that I use on Radiator (same name, same user and same > password), is there a way to reuse the Radiator's DB handle instead of > creating a new one and destroying it each time? > At at first glance, my idea was to open the database connection with > a StartUpHook and then close with a ShutdownHook, but there is the problem on > how to share the DB handle between the three Hooks. This should be made > securely, because if an attacker is able to obtain the handler, it will be > able to read and write the database without performing authentication first, > I think. In my opinion reusing the Radiator DB handle is the best solution if > it can be implemented. > Thank you very much in advance for your help and for your attention > Alberto > > > _________________________________________________ > radiator mailing list > radiator@open.com.au <mailto:radiator@open.com.au> > http://www.open.com.au/__mailman/listinfo/radiator > <http://www.open.com.au/mailman/listinfo/radiator> > > _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
