Hi Alan, The problem is that the only documentation for this specific implementation states "Normal virtual server configuration goes here" and that's it. If I was taking it literally I would have assumed it meant the rest of the virtual server configuration since that's what it says. The way I understand the authorize section to work is that it receives an Access-Request first, validates the information within the Access-Request, and ensures, based on the enabled modules, that the correct attributes are in the Access-Request for the Authentication section to be able to process. If they are, it then sets the Auth-Type for the Authentication section accordingly. Autz-Type is only going to be used if no other module takes responsibility for Authorization similar to how Auth-Type works in Authentication. Many thanks On Fri, Sep 27, 2024 at 9:00 AM Alan DeKok <aland@deployingradius.com> wrote:
On Sep 26, 2024, at 5:17 PM, FreeRAD <yetifreerad@gmail.com> wrote:
All the debug gives me is the error message but no assistance as to why
the
error message appears. I know it has something to do with what is included in the "else" statement which is why I'm querying what needs to be in the "else" statement. Since based on the guide I mentioned, I have put in there what needs to be put in there.
One approach is to simply try nothing, give up, and ask for help. Another, more productive approach, is to try to understand how the server works.
If you look at the page you mentioned, it does not say "blindly put everything into the else statement". You still need to think, and understand what the rest of the "authorize" section does.
The "Autz-Type" behavior is documented. You can't just bury it inside of "else" statements. It won't work, and will produce an error.
If you want to skip the rest of the "authorize" section, there is a "return" statement. Which is documented. Just go to freeradius.org, and read the online documentation.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html