Using X.509 Cert. subject and issuer for authorization with EAP-TLS
A.Cudbard-Bell at sussex.ac.uk
Sun Apr 13 14:06:56 CEST 2008
> No. The "post-auth" section exists for precisely that purpose.
Well, ish... it seems it's still undergoing a bit of an existential
crisis in 2.*.
"Hi I'm the post-auth section, i'm here to assign service authorization
attributes after my friend the auth section has determined the validity
of the users authentication attempt. But oh no, rlm_sql why are you
logging requests here... no no no, you should be *authorizing* requests
here and, arg someones already formulated a response; what am I for why
am I here, so many questions..."
Maybe in 3.* ;-)
> Alan DeKok.
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html
More information about the Freeradius-Devel