Some question about Athorization of FreeRadius.
snan4love at hotmail.com
Fri Apr 13 18:06:06 CEST 2012
I just set a FreeRadius server for a few days,it works fine, but i still have a lot of confusions about to understand this server.
The first one, Athoriztion! FreeRadius is AAA server, I know what the Authentication does,I know what the Accounting does, but I dont know what the Athorization does.
I read some document, i know the Athorization working with the concept of "Attribute",and today, i read some source code of a Radius Client(ChilliSpot),right now my understanding of Athorization and Attributes is: The radius client defines some Attributes, when a user try to connect to the NAS who is running the client, the Radius Server will tell the NAS what these Attribute values of this user should be by using radreply or groupreply. Depends on different Attributes value, The NAS will know what a user could do and what he could not do,and this will defined in some other program running in NAS. That is what we call Authorization. Does my understanding correct or not?
Second question, the Attribute belong to a NAS or Belong to a user or some is NAS's attribute ,some is user;s attribute?
Right now,i have a project which require different user will get different bandwidth when sharing a NAS, i read the Radius Client program (chillispot),it has a Attribute "Radius_BANDWIDTH_DOWN_MAX",after trace this attribute in the source code of the client program, i find that , finally,it set a enviroment variable named "WISPR_BANDWIDTH_DOWN_MAX"of the NAS OS,does any one knows,how the NAS control the bandwidth after set this enviroment varibale???
and one more question,does anyone have experience of set the Attribute "BANDWIDTH_DOWN_MAX"(of course different name in different NAS) for radreply?, the MAX BANDWIDTH means the NAS have this MAX bandwidth, all user will share these bandwidth? or the specific user whose reply from Radius Server contain this attribute has this limit, there is no affect on other users who do not have this attribute?
sorry for so many questions, any hint will be really appreciate.
Thank you in advanced.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Freeradius-Users