Hi,
This looks like something I should be doing but I have no idea where to insert this section. Is it in proxy.conf or somewhere else? And
in the authorize section of your virtual server, straight after the preprocess/suffix/realm module calls (ie before any real authorization action)
With this configuration, I guess I don't need realm's LOCAL or NULL?
correct - you will deal with your LOCAL realm by handling your defined realm, with eduroam you dont want to EVER authenticate a user you hasnt provided a realm - because , for your own users, they may work fine....when they are at your site....they then think/believe their configuration works...and then find it doesnt work when they go to another eduroam site...and then they'll blame that site, your site or eduroam. best policy for eduroam is ALWAYS ensure a realm is defined on the client alan