JRadius module for post-auth
Yizhi Lao
laoyizhi at yahoo.com
Mon Apr 3 18:37:44 CEST 2006
Hi,
This is related to my previous mail on setting up
Freeradius for 2 factor authentication with
chanllenge-response. I looked at what JRadius module
can do and am going to attempt the following approach
1. insert a JRadius module into the "post-auth"
section, such that the module will process an
"Access-Accept" packet into an "Access-Chanllange"
packet
Question: is this allowed by FreeRadius? i.e. would
FreeRadius allow an module in "post-auth" to change
the packet type(Code)?
2. insert a JRadius module into either the "authorize"
or "authenticate" section, such that it will recognize
an access-request packet which answers the chanllenge,
and process it using its own logic
Question: Would freeradius allow a module called in
"authorize" part to directly accept or reject a
request, without making it go through to the
"authenticate" section?
Thank you and best regards
Kaden
--- Alan DeKok <aland at ox.org> wrote:
> Yizhi Lao <laoyizhi at yahoo.com> wrote:
> > What I am worried about is not the second
> authentication method, but
> > to chain two authentication together. is there any
> convenient way to
> > do it?
>
> As I said, you have to write you own module to do
> this.
>
> The "example" module that is included with the
> server shows how to
> chain two authentications together. Take a look at
> it.
>
> Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the Freeradius-Users
mailing list