"George C. Kaplan" <gckaplan@ack.berkeley.edu> wrote:
I've been wondering about this, in relation to the rlm_perl module. We see "Don't set Auth-Type in the users file" all over the place, but with rlm_perl, the %RAD_CHECK hash is read-only. So if I'm using perl for authorization, I *have to* set the Auth-Type in the users file.
It's not "don't set Auth-Type in the users file", it's "don't set it ANYWHERE". Almost all instances of people forcibly setting it are wrong. There *are* a few places where setting it is OK, but those are rare, and require carefully analyzing what you're doing.
This isn't really a problem (since it all works the way I want), but it seems inconsistent, especially considering that other modules can modify the request or check items. So, why were %RAD_CHECK and %RAD_REQUEST made read-only?
No idea. They should be writable. Alan DeKok.