post-auth and post-proxy subsections (was: Deprecated features)

Nicolas Baradakis nbk at
Fri Jul 29 15:32:36 CEST 2005

Alan DeKok wrote:

> Maybe we should just move to a completely separate way of handling things.

Another idea: allow the administrateur to set Post-Auth-Type during
post-auth, like we do for authorize. We first run the anonymous
modules outside any Post-Auth-Type stanzas. After that we check for
Post-Auth-Type and if it exists we run the corresponding subsection.

In this case, it could be possible to choose what will be run during
post-auth with the same syntax as the "users" file:

DEFAULT Realm ==, Packet-Type == Access-Accept, Post-Auth-Type :=

DEFAULT Realm ==, Packet-Type == Access-Reject, Post-Auth-Type :=

DEFAULT Packet-Type == Access-Accept, Post-Auth-Type := other

Nicolas Baradakis

More information about the Freeradius-Devel mailing list