6 Nov
2009
6 Nov
'09
5:03 a.m.
Bob Brandt <bob@brandt.ie> writes:
I have a little problem that I would like to fix:
My setup right now works great, however there is only little problem, even if the user is rejected (i.e. incorrect password) all the user attributes are still returned. I think this is a slight security risk, since all you need to know is the username to retrieve information about the network...
I am trying to stop this but placing an entry at the top of the users file, but I can not figure out what variable to test for?
Any ideas? Where would I look?
raddb/attrs.access_reject Bjørn