Reject user from SQL-DB
JB
list.freeradius at mac.com
Thu Feb 28 16:37:36 CET 2008
I'm sorry, I have to ask again. Have you found a way to let the reply
query know that the user has already been rejected in the check-query?
I'm trying to avoid executing the same queries twice and also to avoid
using temporary tables.
Thank you,
JB
JB (08.02.2008 14:00):
> Phil Mayers (08.02.2008 12:03):
>>> Ok, now I'm returning Auth-Type := Reject from my check-items-
>>> query and I hoped to be able to send a little more in depth
>>> information along the way in the Reply-Message attribute, but
>>> unfortunately this info gets lost. It seems that I have to fill
>>> this attribute in the reply-items-query.
>>> Does this mean the reply-items-query has to trigger the same
>>> functions as the check-items-query again to find out what the
>>> reason for the reject was? Or do I have to fill a temporary table
>>> with the reply message in the check-items-query which gets then
>>> returned in the reply-items-query?
>>
>> Hmm. I guess you're doing something like:
>>
>> authorize_check_query = "select myproc('%{SQL-User-
>> Name}','...etc...')"
>>
>> ...and are trying to avoid re-calling the same (or another)
>> function in the reply query.
>
> That's the problem.
> How will the reply query be aware that the user has already be
> rejected without using additional queries?
> I tried calling the check query with %{control:My-Reply} or %
> {control:Auth-Type} as attributes but those are empty though set in
> the check query.
More information about the Freeradius-Users
mailing list