19 Sep
2011
19 Sep
'11
6:33 a.m.
On 19/09/11 11:10, Lorenzo Milesi wrote:
hi. can I make a configuration where I have a radius server which authenticates over an external radius (basically a proxy), but caches the successful logins, so that known users won't get asked upstream (at least for a certain time)?
If the authentication protocol is PAP, yes. You would need to use the post-auth section to create some kind of cache entry, and check it on future requests. But it's a bad idea. For any other authentication protocol (CHAP, EAP), no.
I don't want to replicate the backend database.
Just replicate it. It'll be far easier than trying to hack something up.