Access-Accept if user exists in database

Alexandre Chapellon a.chapellon at horoa.net
Mon Jan 30 15:10:03 CET 2012


Just make your user radcheck sql query return:

User-Name = "scott"
Auth-Type := Accept


That should be enough.

Le 30/01/2012 13:51, Mika a écrit :
> Hello.
> Running 2.1.10 with virtual-servers configured with many port
> configurations, sql modules loaded and working.
> The idea for this new port is:
> Users authenticating with smartcards that get checked outside the FreeRadius
> and we want to permit/deny access if the user-name does or does not exist in
> a SQL database.
> This means no User-Password checking.
> We have the NAS configured so it will send user-name and an empty or a bogus
> password in the Access-Request for each User-Name
> I would like to add a port configuration that checks the above.
> My unlang skill are limited so i am hoping for some good pointers here.
> Something like:
>
> authorize {
> update request {
> TmpString := "%{sql:select User FROM table where.... }"
> if User-Name == %{TmpString}
> send Access-Accept
> else
> send Access-Reject
>
> There are probably easier ways of doing this?
> Is this possible or is the User-Password required for every authentication?
> Any help appreciated.
>
> Regards
> Mika
>
>
> --
> View this message in context: http://freeradius.1045715.n5.nabble.com/Access-Accept-if-user-exists-in-database-tp5441329p5441329.html
> Sent from the FreeRadius - User mailing list archive at Nabble.com.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

-- 
<http://www.horoa.net>

Alexandre Chapellon

Ingénierie des systèmes open sources et réseaux.
Follow me on twitter: @alxgomz <http://www.twitter.com/alxgomz>




More information about the Freeradius-Users mailing list