Fw: authorize and authenticate methods ina custom module
Susana Macias
susana_macias12 at yahoo.es
Thu Jan 5 10:06:44 CET 2006
Thanks a lot Alan,
I would like to explain what I am trying to develop. If someone has any advise, please tell me. This is my scenario:
Until now, we have a RADIUS server (RADIUS PSI) which only receives Access-Request packets.
Also we have a CGI application located in the URL http://X.Y.Z.W:8080/nucleo
This application receives a set of parameters as an URL encoded string (all characters that are not a-z, A-Z or 0-9 are converted to their "URL escaped" version) with this form:
Attribute1=Value1&Attribute2=Value2... (where Attribute1, Attribute2... and Value1,Value2... are the differents Attribute/Value pairs obtained from the Access-Request packet)
The CGI application consults a remote database (and normally authenticate the user using the telephone number; although there are other variants).
According to the response obtained from the remote resource, the RADIUS server adds differents Attribute/Value pairs to the reply list, and always reply with an Access-Accept packet (whether or not the CGI application authenticate the user successfully)
Now, we want to change to a FreeRadius server.
I only want to call the remote resource (using the libcurl library) passing it the appropiates parameters and collect the information returned by it in order to create the reply list. As the CGI application performs the authorize and authenticate activities I am a little embarrassed to say that I am not sure which function should I implement (authorize or authenticate).
Thank you very much in advance
Best wishes,
Susana
----- Original Message -----
From: "Alan DeKok"
To: "FreeRadius users mailing list"
Sent: Tuesday, January 03, 2006 4:31 PM
Subject: Re: authorize and authenticate methods ina custom module
> Susana Macias wrote:
> > I have started working with the RADIUS protocol (and with FreeRadius
> > in particular) three weeks ago. Congratulations for the product, it is
> > really powerful!
>
> Thanks.
>
> > But, when are the authorize() and authenticate() methods called?
>
> When a packet comes in. See doc/aaa.txt
>
> > Is it necessary to include in the radiusd.conf the name of the
> > instance (of the new module created) in the authorize section in order
> > to call its authorize() method?
>
> Yes.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
>
---------------------------------
Correo Yahoo!
Comprueba qué es nuevo, aquí
http://correo.yahoo.es
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060105/3d0d5385/attachment.html>
More information about the Freeradius-Users
mailing list