Oguzhan Kayhan oguzhank at bilkent.edu.tr
Thu Dec 27 13:16:21 CET 2007


Hello Peter and all,
Yes i managed to work authentication via rlm_perl. I can get accept or
reject without a problem.
WHat i wonder is can i use it as a hybrid system as, to keep radacct logs
in sql, or to get some info data from radgrouprelpy or smwhere?
Or some stuff similar like this.
I just wanna use rlm_perl for user/pass matching thats all. Rest should be
by mysql.
Or do i have to write all this modules manually in my perl script too?


> Selam Oguzhan
>
> You need to be aware of a few things:
>
> Firstly, unless your clients use PAP you will not have a plain text
> password
> to use when loging into the IMAP server.
>
> Secondly, It is almost always a better idea to directly check the same
> backend credential store that yoru IMAP server uses than going via the
> IMAP
> protocol. If its a large mail server (At bilkent for example ;-) then you
> probably have an LDAP tree or SQL server at the backend which FreeRADIUS
> can
> directly talk to which would save several steps and protocol conversions
> and
> be much faster than going via IMAP. (You would also likely not have to
> write
> a perl module..)
>
> İyi çalı�malar
>
> Peter
>
> On Mon 24 Dec 2007, Oguzhan Kayhan wrote:
>> Hello all,
>> I am trying to figure out how to use rlm_perl module for authentication
>> purposes.
>> Whats in my mind is to use my existing IMAP server to check if account
>> exists or not.
>> On the wiki page of rlm_perl i see an example script as :
>>
>> # Function to handle accounting
>> sub accounting {
>>        # For debugging purposes only
>> #       &log_request_attributes;
>>
>>        # You can call another subroutine from here
>>        &test_call;
>>
>>        return RLM_MODULE_OK;
>> }
>>
>> Ok...
>> Now.. what should be my return value for test_call subroutine to make it
>> work. I am planning to call an Imap module here and as a return value i
>> should return what?
>> Im not good at perl so, any tiny help will be appreciated.
>>
>> I am planning to make smthing like this but i am really not sure if it
>> works or not:
>>
>> sub imapLogin {
>>    my $host = shift;
>>    my $account = shift;
>>    my $password = shift;
>>    my $server = shift;
>>
>>    # open a connection to the IMAP server
>>    if (! ($server = new Net::IMAP::Simple($host))) {
>>       return "cannot connect IMAP server";
>>    }
>>
>>    # login, if success return 1 (true?) and 0 (false?)
>>    if ($server->login( $account, $password )) {
>>       return RLM_MODULE_OK;
>>    } else {
>>       return RLM_MODULE_REJECT;
>>    }
>> }
>>
>>
>>
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>
>
>
> --
>
> Peter Nixon
> http://peternixon.net/
>





More information about the Freeradius-Users mailing list