How to determine the type of request? (EAP or not EAP)

work vlpl thework.vlpl at gmail.com
Tue May 1 11:37:37 CEST 2018


I have virtual site, that works with both EAP and not EAP request. In
general case the main field, that used to query database or other storage
is Username.
EAP request usually has two identity anonymous and real. If user put in
anonymous identity real username, that exists in database or users file. It
can lead (in my case) to unexpected behavior. For example redirect request
to home server.
To handle this situation I added in "outer" virtual site the if clause like
this

authorize {
     chap
     mschap

     if (!&EAP-Message) {
         ...
         code that will be executed
         only for not EAP requests
         ...
     }

     eap
     pap
}


Is it safe to assume what all EAP request will have internal/real identity?
Is there exists other better way to detect, (EAP request) what this
Username is anonymous identity?


More information about the Freeradius-Users mailing list