How to Disable RADIUS user logins if 'Session-Timeout' falls below 0
Jaco van Tonder
jaco at alwayson.co.za
Mon Aug 22 14:11:52 CEST 2005
Use the couter module it does exactly what you want without triggers etc.
Regards
Jaco van Tonder
________________________________________
From: freeradius-users-bounces at lists.freeradius.org
[mailto:freeradius-users-bounces at lists.freeradius.org] On Behalf Of
sagar.patil at bt.com
Sent: 17 August 2005 11:28 AM
To: freeradius-users at lists.freeradius.org
Subject: How to Disable RADIUS user logins if 'Session-Timeout' falls below
0
Hi All,
I am using FreeRadius with PostgreSQL and everything is running like a charm
besides a small issue.
I am using session-timeout attribute in radreply table to control user
session time.
I have added a trigger on RADACCT table which subtracts amount of time used
by user from RADREPLY each time when he logs in.
It does work but when time is below 0 or negative I need to stop user from
getting into my system and I am failing to do so.
Here are my RADREPLY Table entries
INSERT INTO radreply (id, username, attribute, op, value) VALUES (2,
'sagar', 'Idle-Timeout', ':=', '300');
INSERT INTO radreply (id, username, attribute, op, value) VALUES (3,
'sagar', 'Reply-Message', ':=', 'You Have Logged in Successfully');
INSERT INTO radreply (id, username, attribute, op, value) VALUES (1,
'sagar', 'Acct-Interim-Interval', ':=', '120');
INSERT INTO radreply (id, username, attribute, op, value) VALUES (4,
'sagar', 'Session-Timeout', ':=', '-904');
The easiest way would be altering Authenticate SQL and adding a condition to
check Session-Timeout to see it doesnt fall below 0
I am not very good in POSTGRES so can someone please let me know how to do
it.
The other way would be using a Function /Procedure to carry out this check
but my question is how to use procedures/functions in postgres.conf
authenticate_query = "SELECT Value,Attribute FROM ${authcheck_table}
\
WHERE UserName = '%{User-Name}' AND ( Attribute =
'User-Password' OR Attribute = 'Crypt-Password' ) \
ORDER BY Attribute DESC"
Sagar Patil
British Telecommunications plc
Registered office: 81 Newgate Street London EC1A 7AJ
Registered in England no. 1800000.
This electronic message contains information from British Telecommunications
plc which may
be privileged or confidential. The information is intended to be for the use
of the individual(s) or
entity named above. If you are not the intended recipient be aware that any
disclosure,
copying, distribution or use of the contents of this information is
prohibited. If you have
received this electronic message in error, please notify us by telephone or
email (to the
numbers or address above) immediately.
More information about the Freeradius-Users
mailing list