Plug-in Question
Peter Nixon
listuser at peternixon.net
Sat Jul 7 22:48:41 CEST 2007
On Sat 07 Jul 2007, Arran Cudbard-Bell wrote:
> Phil Mayers wrote:
> > On Fri, 2007-07-06 at 11:49 +0200, Alan DeKok wrote:
> >> Stefan Winter wrote:
> >>> It's a long shot, but: wouldn't it make sense to clear the wording for
> >>> 2.0? I know, it would break all existing configs out there, but
> >>> manually working through the config is needed anyways...
> >>> I know that this wording startled me quite a bit when I was new
> >>> here...
> >>
> >> It's worth doing.
> >>
> >> The problem is we can't call the post-authentication step
> >> "authorize", because that will confuse everyone upgrading from 1.x.
> >>
> >> I think the default configuration should be "pre-auth", "auth", and
> >> "post-auth". We can still accept "authorize" as a synonym for
> >> "pre-auth" in the short term.
> >
> > +1 - excellent idea
>
> +1 - Makes more sense...
>
> So proxying logic is done in pre-auth , authentication in auth , and
> reply formulation in post-auth...
>
> Yeah far better :) No more reply formulation for users who are going to
> be rejected ....
>
> + Remove post auth query from SQL module ... functionality can be
> replicated in unlang with minimum of fuss.
Why do this? The ability to log things to sql post-auth is very usefull and I
believe fairly widely used. What is the advantage of removing it?
--
Peter Nixon
http://www.peternixon.net/
PGP Key: http://www.peternixon.net/public.asc
More information about the Freeradius-Users
mailing list