multiple entries per radius_check table

Matt Zagrabelny mzagrabe at d.umn.edu
Mon Jul 1 18:59:47 CEST 2013


Greetings,

I am using a Pg datastore to hold authentication data and using the Pg
module for FR to hook into it.

I am using a basic view for the radius_check table:

# SELECT  * from radius_check_users where username = 'mzagrabe';
  id   | username |   attribute    | op |               value
-------+----------+----------------+----+------------------------------------
 1 | mzagrabe | Crypt-Password | := | $1$somehash

I'd also like to have the option of denying users with something like:

atlas-# SELECT * from radius_sanction where username = 'mzagrabe';
  id   | username | attribute | op | value
-------+----------+-----------+----+--------
 1 | mzagrabe | Auth-Type | := | Reject
(1 row)

I'd like to create a UNION of these two views so that both records
would be returned when FR queried for 'mzagrabe'. Is it enough to
ensure that the "Reject" records appears before the "Crypt-Password"
records in the resulting UNION for FR to reject the request?

Any other advice or hints?

Thanks!

-mz


More information about the Freeradius-Users mailing list