Null SQL user
Michael Griego
mgriego at utdallas.edu
Thu Sep 21 04:14:16 CEST 2006
Hey, Peter,
> How/Where is this DEFAULT user checked in SQL? I was of the impression that
> DEFAULT data didnt work in SQL. (It it does I obviously am missing
> something.)
We do a lot of default processing here. We're using it as a catchall
default policy for users (ie unless otherwise specified beforehand,
users are, by default, allowed access these resources and denied
access to these resources).
Anyway, check out rlm_sql.c line 1018. This is where the default
profile processing begins based on the default_user_profile
configuration item in the sql {} section. These section also
processes the User-Profile attribute if its present instead of the
default profile.
> As you can see a request with NULL username is quite valid for me, and may be
> proxied or accepted based (from inside the sql procedure) based on
> information in the request other than username/password and should therefore
> go through the normal sql queries.
Oh, absolutely. There are many instances where a User-Name attribute
may not/need not be present that are completely valid and should be
handled by the sql module.
--Mike
More information about the Freeradius-Devel
mailing list