12 Oct
2010
12 Oct
'10
12:09 p.m.
Hi,
authorize { if (User-Name =~ /^(.*)@(.*)/) { update request { User-Name := "%{1}" Realm := "%{2}" } if (Realm !~ /mydomain\.ox\.ac\.uk/i) { # invalid reject } } }
beware of blank outerid as per the RFC - ie @mydomain.ox.ac.uk is 100% legit. you need to ensure that the unlang and regex handles this.
Which is "better" will depend on exactly what you're trying to do. I use the former, but mostly for historical reasons. The latter may be somewhat more flexible.
I've moved to the latter because of the flexibility - especially if you have 3rd party realms to deal with that wont be sent off to a default external proxy farm. alan