authorize an user using a multivalue ldap attribute

Ana Gallardo ana.gallardo.77 at gmail.com
Fri Oct 22 10:18:39 CEST 2010


Hello,

I have a string attribute named Relaciones in my ldap.

This attribute can have more than one value. Actually I return those values
in the reply:

Sending Access-Accept of id 229 to X.X.X.X port 32796
    Relaciones += "-11"
    Relaciones += "03"
    Relaciones += "-01"

I want to authorize the access only if there is one attibute Relaciones
whith a positive value. So I would like to use unlang in authorize module to
check all the attributes "Relaciones" whit a regex, but I don't know how can
I check all the attributes, and how can I stop procesing the attributes if I
found one wihtout a minus sign.


if ("%{reply:Relaciones}" =~ /^([0-9]{2})/) {

}


Thanks very much, and sorry for my english.


-- 
____________________

  Ana Gallardo Gómez
____________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20101022/fbdcafe0/attachment.html>


More information about the Freeradius-Users mailing list