realm question
Jeff Crowe
listacct at genhex.net
Mon Jul 28 15:27:32 CEST 2008
Subject: Re: realm question
Hi,
> Can I strip the "idm/something/" somehow?
sure. a simple strip in the config would work...
or unlang of course.
eg in radiusd.conf
attr_rewrite copy.user-name {
attribute = Stripped-User-Name
new_attribute = yes
searchfor = ""
searchin = packet
replacewith = "%{User-Name}"
}
attr_rewrite remove-junk {
attribute = Stripped-User-Name
searchfor = "/idm\/something\/"
searchin = packet
new_attribute = no
replacewith = ""
}
then in sites-enabled/default (or usual server) add
copy.user-name
remove-junk
in the authorize section alongside prefix, suffix, ntrealm etc
------------------
Hi Alan,
Thank you for your reply, it worked great with a couple of tweaks. For
those trying to implement the same type of idea, the code works great when
added to the modules/attr_rewrite module instead of in the radiusd.conf
file.
In your sites-available/whatever, the order of the processing is important.
I have a realm setup to strip off after the @domain, but if the attr_rewrite
modules are called before the suffix module, the suffix module will not pass
the stripped-user-name that was required in my case, it will pass the whole
user at domain as the username.
If you place the rewrite modules names after the suffix, everything works
great.
Cheers,
Jeff.
More information about the Freeradius-Users
mailing list