Alan DeKok wrote:
Arran Cudbard-Bell wrote:
I have to confess I had assumed the proxy behaviour was to allow reply attributes set in the authorise section to be sent on successful authentication by the home server, and structured my configuration to take advantage of this (as it seemed the logical way for things to work).
That can be done... but it's still a little wrong.
Marginally wrong, but then as discussed previously, the order of things in general is currently a little wrong.
So repeat plea for configuration option to allow the original reply to be combined with the *heavily filtered* reply from server.
That can be done. But the post-proxy-authorize configuration will NOT be re-added. It's indescribably wrong, and breaks things.
Are you referring to the option that sends the request back through the main authorize section after proxying? If yes, then I agree. It's also very inefficient .
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html
Thanks, Arran