Best way to deny users not matching any groups in the SQL DB
Sylvain Munaut
s.munaut at whatever-company.com
Mon Feb 22 16:46:43 CET 2016
>> Well my use case is not that simple :)
>> If you're issued a cert you can prove who you are. But then depending
>> on who you proved you were, you're going to be granted / denied access
>> to whatever you're requesting to access.
>
> That has *nothing to do with EAP-TLS*. You're again confusing two unrelated issues.
Do you even read what I write ?
Matthew wrote :
"if you can present a valid certificate then you are permitted to connect."
To which I responded :
"""
If you're issued a cert you can prove who you are. But then depending
on who you proved you were, you're going to be granted / denied access
to whatever you're requesting to access.
"""
WHERE in that am I mixing things up ?!?
>>> FreeRADIUS doesn't just let anyone connect when you've not
>>> permitted them to.
>>
>> I never said it did.
>
> That's what you implied.
I definitely didn't mean to imply anything of the sort.
I already apologized if it sounded that way but there is really
nothing I can do if you don't believe me ...
Cheers,
Sylvain
More information about the Freeradius-Users
mailing list