Using return-output from external script as reply-message

S y s C o / developer developer at sysco.ch
Sat May 18 22:43:48 CEST 2013


Hello Stephan, hello Alan,

Have a look at the last beta version
(http://www.1-2-3-4-5-6.net/multiotp/beta/), you can now set a prefix for
the debug mode. for example to be able to handle response by the radius
server ;-)
To set this option : multiotp -config debug-prefix="Reply-Message := "
Any feedback welcome
Best regards,
Andre Liechti

Stefan Kuegler wrote:
> exec multiotp {
>         wait = yes
>         input_pairs = request
>         output_pairs = reply
>
>  That says the script output is a series of "Attribute = Value" lines.
>
> ...and activated this module in the authentication-section of the
> default-configuration (and also in the inner-tunnel-configuration):
> 
> authenticate {
> [...]
>         Auth-Type MultiOTP {
>                 update reply {
>                         Reply-Message = "Hello, %{User-Name}"
>                 }
>                 multiotp
>         }

Alan DeKok wrote:
>  Update sections should generally be in post-auth, but... whatever.
>
>> The external script gives me additional informations (like "OK: Token
>> accepted", "INFO: Authentication failed" etc.) after authentication.
>
>  Which isn't in "Attribute = Value" form, and is therefore ignored.
>
>  Yes.  Fix the script to send:
>
> Reply-Message := "... text ... "




More information about the Freeradius-Users mailing list