Jeremiah Peterson wrote:
I see that it is possible to create realms and have each realm use a different proxy, but what I am more interested in is having the authentication method be selected based on client.
For example:
If the request comes from IP 10.10.10.10 and user bob then use home_server_pool xxx (and return attribute "blah blah blah") If the request comes from IP 10.20.20.20 and user bob then use home_server_pool yyy (and return attribute "yadda yadda yadda") If the request comes from IP 10.30.30.30 and user bob then use home_server_pool zzz (and return results from SQL query "xxxxx")
Most of this can be done via "unlang". It has if/then/else checks, just like you wrote above. You can even update the control items to have "Home-Server-Pool := xxx".
I can see how this is done when making the user enter a realm name or prefix or suffix to the username, but I don't want to do that for every authentication. I want the authentication method to be selected based on the client.
You can select the *source* for authentication credentials. You can't select the authentication *method*. The client selects that. (PAP, CHAP, etc.)
I have been searching for details on all the configuration files but I am not finding anything very conclusive or explanatory on how to build custom sites.
It's pretty simple: if ((Packet-Src-IP-Address == 10.10.10.10) && (User-Name == "bob")) { update control { Home-Server-Pool := "xxx" } } You can't edit the reply here, because it's set by the home server. You'll need to set the reply in post-auth. Alan DeKok.