On 23/01/13 14:47, Miha wrote:
Hi,
my radius client is sending with user-name and password aslo realm. I can not disable sending realm, is it possible to configure radius that will not user realm with user-name (user-name@realm)?
[digest] Digest-Attributes look OK. Converting them to something more usful. *Digest-User-Name = "018108500"* *Digest-Realm = "test1.opensips.softnet.si"* Digest-Nonce = "510001fb00000006c9cc728438be21e324f917a5ea234380" Digest-URI = "sip:+38588888882@test1.opensips.test.si" Digest-Method = "INVITE" [digest] Adding Auth-Type = DIGEST ++[digest] returns ok [suffix] Looking up realm "test1.opensips.softnet.si" for User-Name = *"018108500@test1.opensips.**test.si*" [suffix] No such realm "test1.opensips.softnet.si" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop [sql] expand: %{User-Name} -> *018108500@test1.opensips.**test.si*
Radius will need to chack only user-name (*018108500*).
Sure. The easiest option is something like this: authorize { ... if (User-Name =~ /^(.+)@(.+)$/) { update request { Stripped-User-Name := "%{1}" Realm := "%{2}" } } ... } ...and then ensure your SQL/files/whatever modules use an appropriate expansion for their "key" value e.g. sql { ... sql_user_name = "%{%{Stripped-User-Name}:-%{User-Name}}" ... } This is the default. So basically, you identify the realm yourself, set "Stripped-User-Name", and use that.