Post-auth and Rejected logins

Alan DeKok aland at deployingradius.com
Mon Sep 26 23:38:45 CEST 2011


Johan Meiring wrote:
> If the auhtentication as OK, and my perl module then decides to reject
> the Authentication (by returning RLM_MODULE_REJECT), 

  Don't do that.

  The post-auth section is for running modules AFTER the user has been
accepted or rejected.  It doesn't make much sense to accept the user,
and then reject them.

  Instead, reject the user earlier in the packet processing.

  Alan DeKok.



More information about the Freeradius-Users mailing list