How to Disable RADIUS user logins if 'Session-Timeout' falls below 0

Mon Aug 22 14:11:52 CEST 2005

Use the couter module – it does exactly what you want without triggers etc.

Regards

Jaco van Tonder

________________________________________
From: freeradius-users-bounces at lists.freeradius.org
[mailto:freeradius-users-bounces at lists.freeradius.org] On Behalf Of
sagar.patil at bt.com
Sent: 17 August 2005 11:28 AM
To: freeradius-users at lists.freeradius.org
Subject: How to Disable RADIUS user logins if 'Session-Timeout' falls below
0

Hi All,
I am using FreeRadius with PostgreSQL and everything is running like a charm
besides a small issue.

I am using ‘session-timeout’ attribute in radreply table to control user
session time. 
I have added a trigger on RADACCT table which subtracts amount of time used
by user from RADREPLY each time when he logs in.
It does work but when time is below 0 or negative I need to stop user from
getting into my system and I am failing to do so.

Here are my RADREPLY Table entries 

INSERT INTO radreply (id, username, attribute, op, value) VALUES (2,
'sagar', 'Idle-Timeout', ':=', '300');
INSERT INTO radreply (id, username, attribute, op, value) VALUES (3,
'sagar', 'Reply-Message', ':=', 'You Have Logged in Successfully');
INSERT INTO radreply (id, username, attribute, op, value) VALUES (1,
'sagar', 'Acct-Interim-Interval', ':=', '120');
INSERT INTO radreply (id, username, attribute, op, value) VALUES (4,
'sagar', 'Session-Timeout', ':=', '-904');

The easiest way would be altering Authenticate SQL and adding a condition to
check Session-Timeout to see it doesn’t fall below 0
I am not very good in POSTGRES so can someone please let me know how to do
it.

The other way would be using a Function /Procedure to carry out this check
but my question is how to use procedures/functions in postgres.conf 

        authenticate_query = "SELECT Value,Attribute FROM ${authcheck_table}
\
                WHERE UserName = '%{User-Name}' AND ( Attribute =
'User-Password' OR Attribute = 'Crypt-Password' ) \
                ORDER BY Attribute DESC"

Sagar Patil
British Telecommunications plc 
Registered office: 81 Newgate Street London EC1A 7AJ 
Registered in England no. 1800000. 

This electronic message contains information from British Telecommunications
plc which may 
be privileged or confidential. The information is intended to be for the use
of the individual(s) or 
entity named above. If you are not the intended recipient be aware that any
disclosure, 
copying, distribution or use of the contents of this information is
prohibited. If you have 
received this electronic message in error, please notify us by telephone or
email (to the 
numbers or address above) immediately.