Stripped-User-Name not set when using nostrip?
p.mayers at imperial.ac.uk
Wed Jul 3 22:11:13 CEST 2013
On 03/07/2013 18:17, Júlíus Þór Bess Ríkharðsson wrote:
> On 03/07/13 16:24, Júlíus Þór Bess Ríkharðsson wrote:
>>> For some reason I cannot get Stripped-User-Name attribute to get
>>> populated when using nostrip for a realm. Is this normal
>>> behaviour or am I missing something?
>> Normal. "nostrip" means "don't populate Stripped-User-Name"
> Phil: When I unset nostrip the User-Name attribute gets stripped. So
> it made sense to me that nostrip would apply to User-Name but would
> still give the option of Stripped-User-Name.
I don't understand this.
The source code is pretty clear:
The "User-Name" attribute isn't touched; a new Stripped-User-Name
attribute is used.
As I said, request->username is updated, but I'm pretty sure nothing
much uses this; I'm sure the EAP "identity == username" check doesn't:
...explicitly compares to User-Name, not Stripped-User-Name.
Have you actually *tried* this, because it should work. If it doesn't,
it's likely a problem in your local config.
More information about the Freeradius-Users