On Apr 9, 2016, at 9:54 PM, Anirudh Malhotra <8zero2ops@gmail.com> wrote:
I am doing PEAP with GTC authenticate my LDAP clients, I fetch some attribute in LDAP module and is store it in session-state and later check them in outer post-auth.
That's good.
I am facing this problem in which when client is re-authenticating and the Phase2 is skipped with 'Skipping Phase2 because of session resumption', for expediting the process. The LDAP attribute value is not fetched and hence post-auth doesn't get that value which then fails the authentication(configured like that by me, Set of rules which check value of the attribute and fails by default if none condition is matched or attribute is not fetched)
You will need to cache those attributes. See the "cache" section of the "eap" module. Alan DeKok.