Optional authorize methode
Ricardo Frías Alvarez
ricardo.frias at upc.edu
Wed Oct 6 13:31:26 CEST 2010
Hello!
I don't know how to configure Radius to do this : I want that radius
accepts the access, if files or ldap returns ok. In descriptive code:
IF files return 'OK' THEN access-accept
ELSE IF ldap return 'OK' THEN access-accept
ELSE access-reject
After I saw the documentation, I thought that I can do this with
fail-over and I add this code to sites-enabled/default:
authorize {
...
group {
files {
fail = 1 # remember "fail" with priority 1
ok = return # if we succeed, return "ok"
# if "detail1" returned "fail"
}
ldap {
fail = 1 # remember "fail" with priority 1
ok = return # if we succeed, don't do "detail2"
}
}
...
With this configuration it's happening the following: If files return OK
the username/password are accepted. If files return fail
username/password are rejected directly.
This is not what I want. I want that if files fail then check ldap.
How I can configure radius to implement this functionality?
Thanks you very much,
Ricardo Frías.
More information about the Freeradius-Users
mailing list