Paul Tinson wrote:
The issue is I want to do a realm based auth for one realm and return some L2TP information. So in proxy.conf I have added the realm, in users I have added a user like this: realm and ip changed to protect the innocent
DEFAULT Realm == "womble.co.nz", Auth-Type := Accept
That says "set Accept authentication during the authentication phase" ...
[files] users: Matched entry DEFAULT at line 87 ++[files] returns ok [sql] expand: %{Orcon-User-Name} ->
That's what's supposed to happen.
I would have thought this configuration should result in the users file being scanned and then returning Auth-Type: Accept and not then processing the sql authorize module.
No.
Have I missed something simple, or does this config look right.
The configuration is wrong. Setting "Auth-Type = Accept" doesn't mean "stop authorization". It means "use Accept authentication" If you want to avoid processing the SQL module, use module-failover, or "unlang". See "man unlang" authorize { ... files { ok = return } sql ... } Alan DeKok.