Configuration trouble with fail-over
Alan DeKok
aland at deployingradius.com
Wed Apr 30 11:41:36 CEST 2008
Guillaume Rousse wrote:
> What's wrong with just looking recursively for the name under which the
> module has been instanciated in the authorization section, without
> interpreting fail-over behaviour at all ?
Because it may be listed under multiple Auth-Type sections. This is
something that people do, and is valid.
>> The problem is a common one in computer science: write a program that
>> "understands" what another program is doing. This problem is generally
>> known to be impossible.
> Here the communication occurs between the main program, and one of its
> module, the relationship is a bit tighter.
The problem is interpreting the meaning of the configuration in an
"authenticate" section, including sections, sub-sections, "unlang", and
redundant sections. Then, automatically making the server do the "right
thing" in the authorize section, based on it's interpretation of the
"authenticate" section.
This is hard.
Alan DeKok.
More information about the Freeradius-Users
mailing list