2 Jul
2013
2 Jul
'13
2:41 a.m.
On 2 Jul 2013, at 07:18, Phil Mayers <p.mayers@IMPERIAL.AC.UK> wrote:
On 07/02/2013 02:30 AM, Matt Zagrabelny wrote:
If a user is not in the secret group, then their login should fail if the Vendor-3076-Attr-146 = 0x554d44 pair is in the request.
This is pretty easy:
authorize { ... if (Vendor-3076-Attr-146 == 0x554d44) { if (SQL-Group == secret) { noop } else { reject } } ... }
Actually no. Undefined attributes should not be modified or evaluated. You'll need to find the proper definition for the attribute and add a new dictionary entry. Arran Cudbard-Bell <a.cudbardb@freeradius.org> FreeRADIUS Development Team