Proxy based on Multiple Realms

Alan Buxey A.L.M.Buxey at lboro.ac.uk
Tue Oct 20 10:53:40 CEST 2009


Hi,
> Okay, perfect that was part of the answer I needed, Thanks!
> 
> I guess I now have two more questions:
> 
> 1. Is there a way to "manually" specify a proxy or Realm in the authorize
> section?
> 
> 2. Is there a way to modify the Realms file to find a realm find the realm
> domain.name in from within user.domain.name.  Whenever I try I only get the
> Realm name not domain.name. (i.e. I want it to pick up from the first .
> character not the last )

add a small bit of unlang to the default site... eg
(and this is conceptual, not real code!)

if User-Name contains/ends in .domain.name then
update the realm identifier to be domain.name


in reality this would be *something* (ie no guarantees, check debug
etc to work out why it doesnt work etc) like

if("%{User-Name}" =~ /\.domain\.name$/) {
               update request {
                   Realm := 'domain.name'
               }
               update control {
                    Proxy-To-Realm := 'domain.name'
               }
	}



alan



More information about the Freeradius-Users mailing list