How to capture final authentication results?
godrickk at gmail.com
Mon Jun 11 17:22:13 CEST 2018
Thank you, Alan! These are very useful pointers and I will take a look.
Accept and reject would be sufficient at the moment. I was wondering if
user-specific configurations can be kept as they are and be "wrapped" with
our post-auth operations, but we can get to that later.
Thanks again for the kind reply! Much appreciated!
On Mon, Jun 11, 2018 at 10:41 PM, Alan DeKok <aland at deployingradius.com>
> On Jun 11, 2018, at 10:30 AM, Kai GAO <godrickk at gmail.com> wrote:
> > We are developing a network management system and want to integrate
> > FreeRadius as our web authentication server. One step is to get the final
> > authentication result (after all customized post authentication steps)
> > a given host and save it to a remote server.
> You can do this without code changes.
> > I found the post-authentication step to be a good starting point.
> > as I tracked down 'rad_postauth' (src/main/auth.c) ->
> > (src/main/auth.c) and then to various entry points such as
> > 'eap_peap_process' and 'mod_process' of some EAP submodules, I got lost
> > couldn't figure it out on my own.
> > Thus, here are the questions I have: Is there a simple yet efficient way
> > get the final authentication results? If so, which source files should I
> > look into?
> What "final authentication results" are you looking for?
> If you want to know accept/reject, see raddb/sites-available/default.
> Read the "post-auth" section.
> And if you want to save the results to a remote server, use the "rest"
> There isn't any need to change the source code.
> Alan DeKok.
> List info/subscribe/unsubscribe? See http://www.freeradius.org/
PhD Candidate at Institute of Network Science and Cyberspace
Department of Computer Science and Technology
Tsinghua University, Beijing, China
More information about the Freeradius-Devel