Force Auth-Type
Alan DeKok
aland at deployingradius.com
Sat Jan 26 10:01:07 CET 2008
Markus Moeller wrote:
>> if ("%{ldap: stuff... }" == "bar") {
>> ...
> I didn't know that is possible. Where is this documented ? I thought I
> read all FAQ and documentations.
It's not really well documented, because it's not well tested. If it
works, great. If not...
> The other questions I have is about the AV pairs used. As far as I
> understand freeradius uses request, reply, check_tmp, internal only AV
> pairs. Is there a document which module uses which for what purpose ?
doc/aaa.txt
> Is there a process flow diagram somewhere describing how freeradius works ?
Nope.
> I understand
> 1)client -> server sends a request AV pair
> 2) server processes first authorisation modules and if fails end ?
> 3) server processes authentication modules and if fails end ?
> 4) server -> client sends reply AV pair
>
> What is the use of check(item) AV pairs ? Is it to communicate between
> modules ?
Among other things. It's for things associated with the request that
don't need to go into a packet.
Alan DeKok.
More information about the Freeradius-Users
mailing list