problem with proxying
hacklberry
hacklberry at hacklberry.net
Wed Oct 31 00:41:45 CET 2007
I wrote a little module for freeradius that is forwarding the incoming
authentication requests to another server (to do the authentication).
However I have to support proxying (in case there is a 3rd party RADIUS
server).
I can not take advantage of realms, because the users are login without
any realm suffixes, prefixes, etc. (User bob simply uses username
'bob'). The problems is that bob can be a valid user on our server
as well on the 3rd party RADIUS server.
I tried to experiment with the Proxy-To-Realm attribute in the users
file, but haven't had any luck either.
Here is what I m trying to do:
use my module rlm_xxx to authenticate user bob
- if success i don't need anything else
- if failure i want to proxy the authentication
request to a 3rd party RADIUS server
- if the authentication on the 3rd party RADIUS
server succeeds I registered a post-proxy
function in my module, where I m decreasing
failed authentication count on the first server
All these steps are working (separatelly) , but I m not able to make them
work together, i.e. my authentication works, but no proxying, or the proxying
works (when i setup the 3rd party RADIUS in the NULL realm) - but then my
authentication against the first server is not called at all (my modules
authenticate function is not called), the request is proxied without
attempting my authentication function, only the post-proxy function on my
module is called.
I wonder if you could suggest how to configure freeradius to achieve what
I m trying to do (if it is possible at all of course),
cheers,
martin
More information about the Freeradius-Users
mailing list