Auth-Type discussion

Alan DeKok aland at
Mon Aug 7 16:43:56 CEST 2006

Geoffroy Arnoud <garnoud at> wrote:
> Maybe my mail will be out of the discussion, but we plan in middle
> term to migrate an existing AAA system from a commercial software to

  I don't mind hearing that. :)

> All authentication is planned to be done with custom modules, and in
> order to have good software maintenability, we plan to make 1 module
> per traffic type (local prepaid, local postpaid...) + 1 module for
> traffic identification. Therefore we are likely to use the Auth-Type
> (and thus Acct-Type) feature.

  OK... about the only times you need a custom authentication type are:

  a) you need to support a new authentication protocol
  b) you need to interact with another authentication server (e.g. ntlm_auth)

  If neither matches your systems, I'd think carefully about using
Auth-Type.  It's probably the wrong solution to the problem.

> Knowing that Auth-Type is likely to disappear may not be good news
> for our forseen implementation.

  The functionality won't go away, that's definite.

  However, it may be more difficult to use, for the simple reason that
so many people get it wrong.

  Alan DeKok.
--       - The web site of the book - The blog

More information about the Freeradius-Users mailing list