Login-Time and Session-Time Conflict
Adam Tybor
adam.tybor at gmail.com
Fri Sep 29 20:37:29 CEST 2006
Alan,
I tried that prior and I just confirmed it.
I have the following two rows in my radcheck table and I made sure the
natural sort, without the id, that Session-Timeout comes before Login-Time
and I still always get the Login-Time timespan diff as my Session-Timeout
value. Interestingly enough when I debug on the server I see no debug
output for rlm_logintime module. Was this module not included in
1.1.1because when I look at the cvs source code I see where the check
is made and
see tons of DEBUG statements that are not showing up on my console.
Below is an example from my database and test.
radcheck
id user attrib op value
3 freeunlimited Session-Timeout := 120
4 freeunlimited Login-Time := Thu-2030-2130,Fri-1300-1600
radtest
response: Access-Accept
------- attrib dump------
Session-Timeout=9060
Adam
On 9/29/06, Alan DeKok <aland at deployingradius.com> wrote:
>
> "Adam Tybor" <adam.tybor at gmail.com> wrote:
> > I remember reading somewhere that in cases of both attributes being
> used,
> > the most restrictive should be returned, however this is not
> happening. Can
> > someone confirm what the real implementation is? We are running
> freeradius
> > 1.1.1 on a Gentoo linux platform.
>
> If you set Session-Time *before* Login-Time, the Login-Time code
> does the right thing. If you set Session-Time *after* Login-Time,
> then you have to check the values manually.
>
> Alan DeKok.
> --
> http://deployingradius.com - The web site of the book
> http://deployingradius.com/blog/ - The blog
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060929/81d9cb94/attachment.html>
More information about the Freeradius-Users
mailing list