Confirming understanding of the rlm_rest module
I'm looking into options for integrating freeradius with my own external software. I see that there is the rlm_rest module - from reviewing it's docs, I believe I understand that this would allow me to have my freeradius server(s) relay auth and/or accounting requests to my own external systems by calling api endpoints on the external systems. I believe I understand there is no native ability in freeradius to expose its own HTTP endpoint that external systems could call to do things like add/modify/delete users and trigger freeradius CoA requests. Is this correct? Thanks for your help! Andris --- Andris Bjornson | EveryLayer <http://www.everylayer.com/> skype: andris.bjornson
On Jun 21, 2018, at 10:05 AM, Andris Bjornson <andris@everylayer.com> wrote:
I'm looking into options for integrating freeradius with my own external software.
I see that there is the rlm_rest module - from reviewing it's docs, I believe I understand that this would allow me to have my freeradius server(s) relay auth and/or accounting requests to my own external systems by calling api endpoints on the external systems.
Correct.
I believe I understand there is no native ability in freeradius to expose its own HTTP endpoint that external systems could call to do things like add/modify/delete users and trigger freeradius CoA requests.
Is this correct?
Yes. There's really little advantage to FreeRADIUS exposing an API to modify your datastore. If you manage users in an SQL database, write an API to wrap the SQL database, same with LDAP, Redis, Couchbase etc... If you want to send CoA requests there are RADIUS client libraries in multiple languages or with multiple language bindings. -Arran
participants (2)
-
Andris Bjornson -
Arran Cudbard-Bell