Setting a realm in the User-Name based on Client-IP-Address
Jason E. Murray
jemurray at zweck.net
Wed Jan 24 22:59:34 CET 2007
I have quite a few people on campus who authenticate to various systems
without using a realm in their username. With our current radius server
there is a option in the clients file where you specify a Default-Realm
per client. When an authentication request comes in from this client
the @realm is automatically tacked onto the User-Name attribute then
proxying is done based username at realm combination.
I need to replicate this behavior in FreeRadius.
In the users file I have:
DEFAULT Client-IP-Address == 127.0.0.1, User-Name !~ ".*@.*", Proxy-To-Realm := "rts"
Fall-Through = Yes
In the preproxy_users file I have:
DEFAULT Client-IP-Address == 127.0.0.1, User-Name !~ ".*@.*"
User-Name := "%{User-Name}@rts"
Both of these lines check to see if the @realm is missing and the
Client-IP-Address is 127.0.0.1 the proxy and rewrite accordingly.
My question is there a better way to do this, this seems a bit kludgy.
Using FreeRadius 1.1.4
Thanks in advance,
--
Jason E. Murray - jemurray at zweck.net
More information about the Freeradius-Users
mailing list