Hi John & Alan, Kindly clarify

Does this means, it is posible to use only authorize function of FR and process all authentication requests with following virtual server?

  1. server accept_all_requests {
               authorize {
    
               update control {
                       Auth-Type := "Accept"
    

       }

         } 

Thanks / Regards
--RM


On Wed, Jun 5, 2013 at 1:34 PM, Alan DeKok <aland@deployingradius.com> wrote:
John Dennis wrote:
> You're both right, now shake hands and make up :-) The problem with the
> term authorization in radius is used in a non-standard way that leads to
> confusion. The normal use of the term authorization (authz) indicates
> what a principal is permitted to do and a principal must be validated
> via authentication (authn) first. In radius authorization means
> collecting information necessary to perform the authentication
> operation. It's an unfortunate semantic difference that leads to a fair
> amount of confusion (myself included), but after a while you get used to
> it.

  It was a historical mistake in FreeRADIUS which has been kept for too
long.

  After 3.0 is released, we'll transition to a naming scheme that's a
little more complex, but much clearer.  The idea is that every packet
has 3 stages:

        recv = receive the packet
        process = process the packet
        send = send the reply

  We can map the existing authorize / authenticate / etc. to these
processing stages.  That change will be initially confusing, but will be
 simpler.  It will also enable the server to do more protocols that are
in the works. :)

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html