On Mon, Jul 1, 2013 at 3:30 PM, Arran Cudbard-Bell <a.cudbardb@freeradius.org> wrote:
On 1 Jul 2013, at 17:59, Matt Zagrabelny <mzagrabe@d.umn.edu> wrote:
Greetings,
I am using a Pg datastore to hold authentication data and using the Pg module for FR to hook into it.
I am using a basic view for the radius_check table:
# SELECT * from radius_check_users where username = 'mzagrabe'; id | username | attribute | op | value -------+----------+----------------+----+------------------------------------ 1 | mzagrabe | Crypt-Password | := | $1$somehash
I'd also like to have the option of denying users with something like:
atlas-# SELECT * from radius_sanction where username = 'mzagrabe'; id | username | attribute | op | value -------+----------+-----------+----+-------- 1 | mzagrabe | Auth-Type | := | Reject (1 row)
I'd like to create a UNION of these two views so that both records would be returned when FR queried for 'mzagrabe'. Is it enough to ensure that the "Reject" records appears before the "Crypt-Password" records in the resulting UNION for FR to reject the request?
It can appear before or after, it doesn't matter.
https://github.com/FreeRADIUS/freeradius-server/blob/master/src/modules/rlm_...
Great! Thanks, Arran! Sincerely, -mz