this reauthorization coa feature compatible with chillispot/coovachilli or not ?

On Nov 5, 2014 12:25 AM, "Alan DeKok" <aland@deployingradius.com> wrote:
  We've been busy. :)

  One minor but nice feature is that the debug messages are now
indented, based on syntax.  e.g. previously, for a nested "if"
statement, we had:

...  if ..
     if

we now have:

     if (...)
      if (...)

  which is a bit easier to read.

  For people doing CoA, the "session-state" functionality has now been
added to the "originate-coa" functionality.

  This lets you re-authorize a user, without checking passwords.  See
the following link for details:

https://tools.ietf.org/html/rfc5176#section-3.2

  When originating a CoA packet, you can do:

        update session-state {
                ... attributes ...
        }

  When the NAS sends an Access-Request, you can check it:

        if (Service-Type &&
            (Service-Type == Authorize-Only)) {
                if (!session-state) {
                        reject
                }

                ... re-authorize the user
                ... he's already authenticated!
        }

  That re-authorization was pretty much impossible before.  It's now
trivial.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html