Passing information from authenticate to post-auth (was: Why Authorization before Authentication)
ef at math.uni-bonn.de
Fri Nov 25 14:44:38 CET 2011
I was probably too fuzzy about what I actually mean, sorry.
Suppose I'm writing my own module or I'm using rlm_perl.
Then, in authenticate, I gather some information.
Later, in post-auth, I need this information for my authorization policy.
So, as far as I can see, I'll have to put this Information into an attribute.
Am I supposed to use the Tmp-Xxx-N attributes for that?
I think my situation is analogous to rlm_eap storing the issuer certificate in the TLS-Client-Cert-Issuer attribute so you can base policy decisions on that.
More information about the Freeradius-Users