pam_radius_auth: simultaneous requests for improved failoverbehaviour

Stefan Winter stefan.winter at restena.lu
Mon Apr 28 14:32:14 CEST 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

|> To my best knowledge there is no way for PAM modules to maintain state
|> between calls.
|
|   Maybe a proxy RADIUS server would help.  So long as it does nothing
| other than proxying, it should be OK.

yes, we have been considering that. We use PAM a lot though, for many
services. It felt wrong to install a real server while all we'd need was
a bit more clever client. Plus, having a multiude of servers would
introduce more maintenance needs - and an extra component that could
fail eventually. Introducing a new dependency for authentication to work
is just... uneasy.

Greetings,

Stefan
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4-svn0 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iD8DBQFIFcPO+jm90f8eFWYRAp1BAJsGVUvimm2BHHIJpfouuxDstp4ViACdFeYC
Pd17GL3OqLceTrXBCZdZPYM=
=Ffi+
-----END PGP SIGNATURE-----



More information about the Freeradius-Devel mailing list