How to properly deal with HTTP 200 response with body with rlm_rest?

Martin Gignac martin.gignac at
Fri Apr 26 21:28:01 CEST 2019

Hi Arran,

Try as I might, I couldn't figure out where to put this successfully
in sites-enabled/default:

> rest {
>         updated = 1
> }
> if (updated) {
>         ok
> }

What I ended up trying (and what worked for me) was that I modified
rlm_rest.c to return 'ok' even in the presence of a body during the
'authenticate' phase:

diff --git a/src/modules/rlm_rest/rlm_rest.c b/src/modules/rlm_rest/rlm_rest.c
index 7cd1b45..2d9a033 100644
--- a/src/modules/rlm_rest/rlm_rest.c
+++ b/src/modules/rlm_rest/rlm_rest.c
@@ -513,7 +513,7 @@ static rlm_rcode_t CC_HINT(nonnull)
mod_authenticate(void *instance, REQUEST *re
                        ret = rest_response_decode(inst, section,
request, handle);
                        if (ret < 0)       rcode = RLM_MODULE_FAIL;
                        else if (ret == 0) rcode = RLM_MODULE_OK;
-                       else               rcode = RLM_MODULE_UPDATED;
+                       else               rcode = RLM_MODULE_OK;
                } else if (hcode < 500) {
                        rcode = RLM_MODULE_INVALID;

This is the only change I needed to have my scenario working. Indeed,
the Filter-ID attribute is retrieved from the JSON payload of the HTTP
response and is automatically appended to the returned Access-Accept
message, as I needed it to be.

Since I'm OK with having a modified rlm_rest module this appears the
simplest way for me to get the required behavior in my situation.


More information about the Freeradius-Users mailing list