13 LDAP queries for one authorize!

Turbo Fredriksson turbo at dagdrivarn.se
Fri Aug 24 13:49:13 CEST 2007


Quoting Phil Mayers <p.mayers at imperial.ac.uk>:

> DEFAULT	FreeRadius-Proxied-To == 127.0.0.1, Autz-Type := "INNER"
>
> 1) proxy part makes sure that only INNER is called when its proxied to
> 127.0.0.1

Ok, think I got this. Does it matter WHERE in the file this DEFAULT is?
And is the keyword 'INNER' important? I.e. Can it be any word, or must it
be just 'INNER' (uppercased and all)?

> 2) INNER Auth part ensures that the ldap module is only called for the
> INNER part of the check...not for everything else. also very very useful
> as it stops outer ID junk and debris from being checked.

What IS 'the INNER part' (may depend on the answer on my first question
above) as opposed to 'the outer'? In context I get the general idea, but
the actual definition on INNER and OUTER?



More information about the Freeradius-Users mailing list