Authorization in RADIUS, Authorization in freeradius
George Beitis
george.beitis at gmail.com
Sun Sep 2 19:21:56 CEST 2007
Hey Alan
>> FreeRADIUS *does* implement policies which provide authorization facilities.
Does this mean that you could actually write policies inside of freeradius?
regards
George
Alan DeKok wrote:
> George Beitis wrote:
>
>> thank you for your reply. I am writing up a part of my dissertation and
>> I 'm referring to freeradius and the RADIUS protocol trying to explain
>> how it works.
>>
>
> By accident, mostly. Like many practical systems, it was built to do
> something first, and to have theoretical rigor second.
>
>
>> From my research most people who use RADIUS for
>> authentication purposes. Noone gives a clear image of whether or not
>> they use it for authorization once they established authentication, so
>> in other words authentication and authorization become one the same.
>>
>
> If the user hasn't been authenticated, he's likely not authorized to
> do anything. So yes, an "authentication succeeded" message most often
> includes statements of "you are authorized to do X, Y, and Z".
>
>
>> Do
>> you know of any products that can be used with freeradius to provide
>> such authorization facilities? Using perhaps policies?
>>
>
>
>
> Perhaps you meant to ask another question?
>
> Alan DeKok.
>
>
>
More information about the Freeradius-Users
mailing list