I have read documentation for rlm_rest. As I can see there is no possibility to process/manipulate the whole REQUEST ( in case the rlm_perl module is RLM_REQUEST ) attributes ( because the module sends only a limited attribute set via uri ). And I assume the rest module won't send any attribute CONFIG ( in case the rlm_perl mode is RLM_CONFIG ). Therefore this module I can use only for basic authentication, not for complex business logic. Peter Balsianok On Mon, Mar 21, 2022 at 4:20 PM Alan DeKok <aland@deployingradius.com> wrote:
On Mar 21, 2022, at 10:13 AM, Brian Julin <BJulin@clarku.edu> wrote:
(Writing that makes me wonder if there would be a way to do a "pre_exec" on generic stuff run by rlm_exec, if the executed code was cooperative enough to wait on a socket after loading and before proceeding.)
Sure. The "rlm_java" module did that back in the v2 days. It was removed was it was entirely unmaintained. :(
TBH, any "pre-exec" thing would end up having to serialize attributes down a pipe, at which point it's starting to look like json + REST. It's likely better to re-use an existing ecosystem, instead of creating another one.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html