23 Nov
2011
23 Nov
'11
7:34 a.m.
A probably simple question I could not find explained in the FAQ or the Concepts section: Given that Authentication is proving who I am and Authorization is checking what I'm allowed to do, I naively would have expected a RADIUS server to first authenticate me an then check my authorization. Surely for a reason, what FreeRADIUS does is the other way round: first try all authorization modules and then use one authentication module. I hope I got this right. I would like to be pointed to a document explaining the rationale behind this. It's probably obvious to anyone familiar with the matter, but that doesn't include me. Thanks.