JRadius module for post-auth
laoyizhi at yahoo.com
Mon Apr 3 18:37:44 CEST 2006
This is related to my previous mail on setting up
Freeradius for 2 factor authentication with
chanllenge-response. I looked at what JRadius module
can do and am going to attempt the following approach
1. insert a JRadius module into the "post-auth"
section, such that the module will process an
"Access-Accept" packet into an "Access-Chanllange"
Question: is this allowed by FreeRadius? i.e. would
FreeRadius allow an module in "post-auth" to change
the packet type(Code)?
2. insert a JRadius module into either the "authorize"
or "authenticate" section, such that it will recognize
an access-request packet which answers the chanllenge,
and process it using its own logic
Question: Would freeradius allow a module called in
"authorize" part to directly accept or reject a
request, without making it go through to the
Thank you and best regards
--- Alan DeKok <aland at ox.org> wrote:
> Yizhi Lao <laoyizhi at yahoo.com> wrote:
> > What I am worried about is not the second
> authentication method, but
> > to chain two authentication together. is there any
> convenient way to
> > do it?
> As I said, you have to write you own module to do
> The "example" module that is included with the
> server shows how to
> chain two authentications together. Take a look at
> Alan DeKok.
> List info/subscribe/unsubscribe? See
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
More information about the Freeradius-Users