rlm_perl question (was Re: General question about authentication/authorization)
Boian Jordanov
bjordanov at orbitel.bg
Fri Mar 17 22:44:37 CET 2006
On Friday 17 March 2006 19:21, George C. Kaplan wrote:
> Phil Mayers wrote:
> > Sort of. AFAIK nothing else sets Autz-Type. But quite a few modules set
> > Auth-Type based on the incoming requests e.g. the "mschap" modules sets
> > Auth-Type=MS-CHAP if the mschap attributes are in the request. Ditto the
> > "chap" and "eap" modules. "pap" is a bit more complex and has changed in
> > CVS head.
> >
> > Generally, you should not set Auth-Type in the users file. It's a sign
> > you're doing something wrong. Perhaps if you told us what you're trying
> > to do?
>
> I've been wondering about this, in relation to the rlm_perl module. We
> see "Don't set Auth-Type in the users file" all over the place, but with
> rlm_perl, the %RAD_CHECK hash is read-only. So if I'm using perl for
> authorization, I *have to* set the Auth-Type in the users file.
>
> This isn't really a problem (since it all works the way I want), but it
> seems inconsistent, especially considering that other modules can modify
> the request or check items. So, why were %RAD_CHECK and %RAD_REQUEST
> made read-only?
Because perl hashes are not ordered.
--
Best Regards,
Boian Jordanov
SNE
Orbitel - Next Generation Telecom
tel. +359 2 4004 723
tel. +359 2 4004 002
More information about the Freeradius-Users
mailing list