Transform reject to accept response with specific attributes
Greetings to all, I would like to achieve the following functionality: in case a user's AUTHENTICATION fails, the user should not be rejected but be given an accept response with specific attributes. The reason behind this is to provide a captive portal functionality for users having wrong credentials in their CPEs. Could you provide a few hints for how the config would look like (I am thinking of something in terms of unlang and utilizing virtual servers but I am not sure how it would look like. Regards, Kostas -- Kostas Zorbadelos twitter:@kzorbadelos http://gr.linkedin.com/in/kzorba ---------------------------------------------------------------------------- () www.asciiribbon.org - against HTML e-mail & proprietary attachments /\
Kostas Zorbadelos wrote:
I would like to achieve the following functionality: in case a user's AUTHENTICATION fails, the user should not be rejected but be given an accept response with specific attributes.
You can't turn a reject into an accept. You'll have to compare the passwords manually (perl, etc.) and manage it that way. If the passwords match, return A, otherwise return B. Alan DeKok.
On 6 Sep 2012, at 15:10, Kostas Zorbadelos <kzorba@otenet.gr> wrote:
Greetings to all,
I would like to achieve the following functionality: in case a user's AUTHENTICATION fails, the user should not be rejected but be given an accept response with specific attributes. The reason behind this is to provide a captive portal functionality for users having wrong credentials in their CPEs. Could you provide a few hints for how the config would look like (I am thinking of something in terms of unlang and utilizing virtual servers but I am not sure how it would look like.
authenticate { Auth-Type pap { pap { reject = 1 } if (reject) { ok # Add extra attributes here... } } } -Arran
Arran Cudbard-Bell <a.cudbardb@freeradius.org> writes:
On 6 Sep 2012, at 15:10, Kostas Zorbadelos <kzorba@otenet.gr> wrote:
Greetings to all,
I would like to achieve the following functionality: in case a user's AUTHENTICATION fails, the user should not be rejected but be given an accept response with specific attributes. The reason behind this is to provide a captive portal functionality for users having wrong credentials in their CPEs. Could you provide a few hints for how the config would look like (I am thinking of something in terms of unlang and utilizing virtual servers but I am not sure how it would look like.
authenticate { Auth-Type pap { pap { reject = 1 } if (reject) { ok # Add extra attributes here... } } }
Thank you very much, this seems to work.
-Arran
Kostas
participants (3)
-
Alan DeKok -
Arran Cudbard-Bell -
Kostas Zorbadelos