rlm_perl authentication override
henka at cityweb.co.za
Mon Dec 15 15:59:53 CET 2008
Using freeradius 2.0.5 and rlm_perl.
Let's say we have a username which is locked in /etc/shadow.
Normal authentication will prevent this user from logging in.
I would like to override this behaviour in either authorize() or
post_auth() and allow the user to login (but with modified $RAD_REPLY)
despite the locked system user.
In authorize(), changing $RAD_REPLY (to allow a modified service) is
no problem, but I'm not sure what to return so radiusd will
authenticate the user even though their password is incorrect (return
RLM_MODULE_OK of course doesn't change this behaviour) - eg, rejecting
a user is easy, just return RLM_MODULE_REJECT.
Is there a way to change the reply from Access-Reject, to Access-Accept?
More information about the Freeradius-Users