Reject user without realm
Roberto Greiner
mrgreiner at gmail.com
Mon Apr 9 21:28:16 CEST 2007
Arran Cudbard-Bell wrote:
> Marcos Roberto Greiner wrote:
>
>> Hi,
>>
>> I'm trying to use FreeRadius with Realms (using the form user at realm).
>> Basically, if a user uses user at provider1.com, I want Radius to
>> authenticate locally. If it's @provider2.com, 3.com, etc, on other
>> servers listed in proxy.conf.
>>
>> The problem I'm having is that if a user adds no realm, only the user,
>> the server is autenticating locally. I wanted it to deny the
>> authentication. How should I proceed?
>>
>> Thank you very much,
>>
>> Roberto
>>
>>
>>
> Ok , so you just want to Reject users who don't provide a realm ?
>
> Then you would need an entry in the users file like this
>
> DEFAULT User-Name !~ "^([[:alnum:]^@]+)@([[:alnum:].]+)$", Auth-Type :=
> Reject
>
That didn't work. When the user adds the 'local' domain (provider1.com),
the hints file strips the domain for the checking against the database.
After that, the new entry in the users file will reject the user,
because there is no longer any domain in the login.
Roberto
--
-----------------------------------------------------
Marcos Roberto Greiner
Os otimistas acham que estamos no melhor dos mundos
Os pessimistas tem medo de que isto seja verdade
Murphy
-----------------------------------------------------
More information about the Freeradius-Users
mailing list