Custom Reply-Message for Simultaneous-Use
Hi, I need to be able to return a user-specific Reply-Message attribute in the event of simultaneous-use being detected. In auth.c, this message is currently hard-coded. I'm considering the following approach: if sim-use is detected, look for a new attribute in the reply items list whose value is the custom message. If it exists, use it for the Reply-Message; if not, use the existing hard-coded value. Is this a sensible approach? If not, what should I do? Many thanks, josh. Josh Howlett, Networking Specialist, University of Bristol. email: josh.howlett@bristol.ac.uk | phone: +44 (0)7867 907076 | interal: 7850
On Tue, 27 Jun 2006, Josh Howlett wrote:
Hi,
I need to be able to return a user-specific Reply-Message attribute in the event of simultaneous-use being detected. In auth.c, this message is currently hard-coded.
I'm considering the following approach: if sim-use is detected, look for a new attribute in the reply items list whose value is the custom message. If it exists, use it for the Reply-Message; if not, use the existing hard-coded value.
Is this a sensible approach? If not, what should I do?
Better, create a new configuration directive which will hold the message to send and use that in auth.c. xlat() the message before using it so that you can perform almost any operation you want before sending back the message like: sim_use_message = "You are already logged in: %{My-Attribute}"
Many thanks, josh.
Josh Howlett, Networking Specialist, University of Bristol. email: josh.howlett@bristol.ac.uk | phone: +44 (0)7867 907076 | interal: 7850
-List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html
-- Kostas Kalevras Network Operations Center kkalev@noc.ntua.gr National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf
On 27 Jun 2006, at 12:22, Kostas Kalevras wrote:
On Tue, 27 Jun 2006, Josh Howlett wrote:
Hi,
I need to be able to return a user-specific Reply-Message attribute in the event of simultaneous-use being detected. In auth.c, this message is currently hard-coded.
I'm considering the following approach: if sim-use is detected, look for a new attribute in the reply items list whose value is the custom message. If it exists, use it for the Reply-Message; if not, use the existing hard-coded value.
Is this a sensible approach? If not, what should I do?
Better, create a new configuration directive which will hold the message to send
Much better :-). Is server_config[] be the appropriate place to define this? (mainconfig.c:103)
and use that in auth.c. xlat() the message before using it so that you can perform almost any operation you want before sending back the message like: sim_use_message = "You are already logged in: %{My-Attribute}"
That sounds better. I assume I just need to ensure that (1) %{My- Attribute} is defined somewhere in the dictionary (the internal server dictionary?) and (2) the attribute is added to the reply list by whatever module is being used for AuthZ. Is there anything else? Thanks, josh. Josh Howlett, Networking Specialist, University of Bristol. email: josh.howlett@bristol.ac.uk | phone: +44 (0)7867 907076 | interal: 7850
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi everybody, I have the following question about the integration of OpenLDAP and Freeradius: Is it possible to use SASL authentication (EXTERNAL) with freeradius (rlm_ldap)? Because we would like to use x509 certificates between freeradius server and ldap server. Thanks! - -- Juan C. Sanchez-DelBarrio BSC-CNS http://www.bsc.es -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEoTKuuTjrcywy/oMRAtFxAJ0ci/dNzDUcuwGuiClxbcUeimsAEACbBtF0 jLh9p9UA6rQFzyxeLD8VEmA= =Dm8m -----END PGP SIGNATURE-----
Josh Howlett <josh.howlett@bristol.ac.uk> wrote:
Much better :-). Is server_config[] be the appropriate place to define this? (mainconfig.c:103)
I guess... I'd really like to move much of the global server config into modules. I'm partway there with proxying, so that's a bit better.
That sounds better. I assume I just need to ensure that (1) %{My- Attribute} is defined somewhere in the dictionary (the internal server dictionary?) and (2) the attribute is added to the reply list by whatever module is being used for AuthZ. Is there anything else?
I don't think so. Call it Simultaneous-Use-Message, unless there's a better name. Alan DeKok.
participants (4)
-
Alan DeKok -
Josh Howlett -
Juan C. Sanchez-DelBarrio -
Kostas Kalevras