18 Apr
2013
18 Apr
'13
4:29 a.m.
Hi,
You can add
if ("%{User-Name}" =~ / /) { reject }
at the start of the authorize section.
This rule will reject user(s) in case they add blank spaces before or after the username...
invoke a policy. there are examples and usable methods already in policy.conf (2.x) and policy.d/* (3.x) - eg filter_username that you can use/modify. note that the above example quoted wont do what you expect...it will reject ANY user-name that contains a space anywhere - you may need to use some more regex to match whether space is at the END or BEGINNING of the attribute eg (quick, nasty example) if ( ("%{User-Name}" =~ / $/) || ("%{User-Name}" =~ /^ /) ){ reject } note...i said quick nasty example. this isnt the best regex. ;-) alan