After installing the package and saving all configs my default config looks like: authorize { check_access_rest } authenticate { } I’ve created a rest file in the mods-enabled folder and placed the following content into: rest check_access_rest { connect_uri = "http://pastebin.com/raw/WuVWAEZQ" connect_timeout = 4.0 authorize { uri = "${..connect_uri}/auth/%{User-Name}" method = 'get' } authenticate { } accounting { } post-auth { } pool { start = ${thread[pool].start_servers} min = ${thread[pool].min_spare_servers} max = ${thread[pool].max_servers} spare = ${thread[pool].max_spare_servers} uses = 0 lifetime = 0 idle_timeout = 60 } } The rest script itself looks like: rest check_access_rest { connect_timeout = 4.0 authorize { uri = "http://192.99.59.135/demo" method = 'get' } authenticate { } accounting { } post-auth { } pool { start = ${thread[pool].start_servers} min = ${thread[pool].min_spare_servers} max = ${thread[pool].max_servers} spare = ${thread[pool].max_spare_servers} uses = 0 lifetime = 0 idle_timeout = 60 } } This results in the following ouput, when making a demo request: rlm_rest (check_access_rest): Reserved connection (1) (1) check_access_rest: Expanding URI components (1) check_access_rest: EXPAND http://192.99.59.135 (1) check_access_rest: --> http://192.99.59.135 (1) check_access_rest: EXPAND /demo (1) check_access_rest: --> /demo (1) check_access_rest: Sending HTTP GET to "http://192.99.59.135/demo" (1) check_access_rest: Processing response header (1) check_access_rest: Status : 200 (OK) (1) check_access_rest: Type : json (application/json) (1) check_access_rest: Parsing attribute "Auth-Type" (1) check_access_rest: EXPAND Accept (1) check_access_rest: --> Accept (1) check_access_rest: Auth-Type := Accept rlm_rest (check_access_rest): Released connection (1) rlm_rest (check_access_rest): Need 4 more connections to reach 10 spares rlm_rest (check_access_rest): Opening additional connection (6), 1 of 26 pending slots used rlm_rest (check_access_rest): Connecting to "http://pastebin.com/raw/WuVWAEZQ" (1) [check_access_rest] = updated (1) } # authorize = updated (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /etc/freeradius/sites-enabled/default (1) Post-Auth-Type REJECT { (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> testing
From my point of view server should allow each connection at the moment, since my PHP script will return the JSON to accept all the time.
reagrds; janis
Am 22.07.2016 um 15:16 schrieb Matthew Newton <mcn4@leicester.ac.uk>:
On Fri, Jul 22, 2016 at 01:05:49PM +0000, A.L.M.Buxey@lboro.ac.uk wrote:
I’ve found the rest module in the mods-available folder. I placed the sample config into this file and copied it to mods-enabled. Now when I try to start radius (in debug mode) it shows:
/etc/freeradius/mods-enabled/rest[1]: Failed to link to module 'rlm_rest': /usr/lib/freeradius/rlm_rest.so: cannot open shared object file: No such file or directory
the config file is there...but your server was built without rest support. recompile with required libraries/headers present
Or install the freeradius-rest package if installed from packages.
Matthew
-- Matthew Newton, Ph.D. <mcn4@leicester.ac.uk>
Systems Specialist, Infrastructure Services, I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
For IT help contact helpdesk extn. 2253, <ithelp@le.ac.uk> - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html