Authorisation chaining
(Hopefully this one will go through)
Hi, I've been playing around with FreeRadius for a bit and was
wondering if it is possible to have an authorisation chain,
something like:
My first Auth method is using certificates, if this method fails,
try to auth using login/passwd with mysql, and if this second method
fails, try using a script of my own, and if this very last method
fails, then reject the client.
By separate parts it works. I have one radiusd.conf file for
certificates, another one for mysql and a last one for my script.
The problem comes when I try to merge those methods. Right now I'm
experimenting with MySQL + MySCRipt, then I provide random
user/passwd in order to cause MySQL auth to fail and to grant access
through my script. MySQL says "user not found", my script says "ok"
and eap says "nope" and rejects.
Is there a way to do this?
Thanks in advance
Cheers
Hector
This archive was generated by a fusion of
Pipermail (Mailman edition) and
MHonArc.