Hello alan, Thank you for your polite answer. I will explain the background of the question. My proxy.conf as follow. ----- realm "~^subdomain\.domain\.com$" { authhost = LOCAL accthost = LOCAL } realm "~^(.+\.)?domain\.com$" { authhost = 127.0.0.1:1645 accthost = 127.0.0.1:1646 secret = dummy } home_server server1 { ... } home_server server2 { ... } home_server_pool server { type = fail-over home_server = server1 home_server = server2 } realm NULL { authhost = 127.0.0.1:1645 accthost = 127.0.0.1:1646 secret = dummy } realm DEFAULT { pool = server nostrip } ----- Authenticate the user only when subdomain is attached. In case of domain without subdomain, if domain.com doesnot exist, I want to fail authentication. In this case, what do you think? Best regards, 2016-12-05 20:48 GMT+09:00 <A.L.M.Buxey@lboro.ac.uk>:
Hi,
Instead of failing all users' authentication, we want to fail only in the case of NULL realm. DEFAULT realm will authenticate with a real authentication server.
NULL realm is no realm. thus you check with unlang as to whether is a realm.
my previous answer already did that.
please stop thkining about DEFALT and NULL anyway - those things are going - think instead of what the realm looks like, what format it is and how you want it handled (you shouldnt be using DEFAULT either ;-) )
alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html