"different authentication methods" I really mean different user data stores and different methods like an optional second factor. I can wrap everything is a custom auth module, however I will still need a way to know which data store to use.
On Tue, Aug 14, 2012 at 8:40 PM, Diego Matute <dmatute@cyphercor.com> wrote:what "different authentication methods"? Did you mean something like
> The use case is configuring FreeRADIUS to accept requests from unknown
> clients with different policies. By different policies I mean different
> authentication methods. I thought the secret key could be used to
> differentiate the calls and apply the correct policy. Have I missed
> something here?
PAP vs EAP? If yes, FR does that automatically.
realms and NAS IP address are also attributes. You can (for example)
>
> The domain names and potentially IP addresses clients use to configure the
> target RADIUS server could differ. However, in the backend there would be a
> single server servicing requests. Not a big fan of this approach. Another
> way would be requiring the client to configure additional attributes to be
> passed down in the request.
select which backend to use (e.g. which sql server, or whether to use
LDAP vs perl) based on certain attributes (including realm and NAS IP
address) using unlang: http://freeradius.org/radiusd/man/unlang.html
--
Fajar