Support for RFC4372 (Chargeable User Identity)
Stefan Winter
stefan.winter at restena.lu
Mon Jan 7 15:26:04 CET 2008
Hello,
is that implemented in FR, be it 1.1 or 2.0? According to
http://wiki.freeradius.org/RFC it shouldn't be.
From my reading of the RFC, defining it "by hand" in radreply is not
considered good enough, because it has a specific logic behind it:
(2.1)
If a home RADIUS server that supports the CUI attribute receives an
Access-Request packet containing a CUI (set to nul or otherwise), it
MUST include the CUI attribute in the Access-Accept packet.
Otherwise, if the Access-Request packet does not contain a CUI, the
home RADIUS server SHOULD NOT include the CUI attribute in the
Access-Accept packet. The Access-Request may be sent either in the
initial authentication or during re-authentication.
So, always sending it via radreply would ignore the SHOULD NOT. Not defining
it at all though makes it difficult for the server to maintain a persistent
yet anonymous handle. So something like defining it by hand but only
including it if it was asked for would be needed. Is that logic present in
FR?
Greetings,
Stefan Winter
--
Stefan WINTER
Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de
la Recherche
Ingenieur Forschung & Entwicklung
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg
E-Mail: stefan.winter at restena.lu Tel.: +352 424409-1
http://www.restena.lu Fax: +352 422473
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080107/a9685e91/attachment.pgp>
More information about the Freeradius-Users
mailing list