Converting User-Name to lower letters
Ivan Kalik
tnt at kalik.net
Wed May 7 18:08:42 CEST 2008
Use rlm_perl and lc() or \L.
Ivan Kalik
Kalik Informatika ISP
Dana 7/5/2008, "Khaiti, Issam (ext)" <issam.khaiti.ext at siemens.com>
piše:
>
>Hallo to all,
>
>I need a procedure to convert usernames from upper to lower letters. The
>entries in the fastuser files are all in lower letters. When an
>access-request comes where the username is in uppercase it has to be
>converted to lowercase otherwise the authentication will fail.
>
>In the FR version 1.x there was a config option "lower_user = before".
>This isn't existent in the 2.x version anymore. I tried to achieve this
>with unlang but wasn't successful. With the attribute rewrite option I
>can't find a way to do this either.
>
>Therefore my question: how can I convert the User-Name attribute from
>uppercase to lowercase?
>
>
>I did the following :
>
>Radiusd.conf:
>----------------------------------------------
>
>authorize {
> preprocess
> eap
>
>if ("%{User-Name}" !~ /(%{User-Name}\L)/ ) {
> update request {
> User-Name = `%{1}`
> }
> }
>
> fastusers_voip_printer {
> ok = return
> }
>
>
> fastusers_mac {
> ok = return
> }
>
>
> fastusers_assigned {
> ok = return
> }
> fastusers_all {
> notfound = reject
>
> }
> }
>
>
>
>fastusers_all:
>------------------------------------------------------------------------
>-
>
>radiustest3 Auth-Type := EAP
> Service-Type = Framed-User,
> Tunnel-Type = VLAN,
> Tunnel-Medium-Type = IEEE-802,
> Tunnel-Private-Group-ID = 230,
> Reply-Message = "auth.... von fastuser_all"
>
>
>Radiusd -X :
>------------------------------------------------------------------------
>------------------
>
>rad_recv: Access-Request packet from host 146.254.173.225 port 48125,
>id=0, length=130
> User-Name = "RAdiustest2"
> NAS-IP-Address = 127.0.0.1
> Calling-Station-Id = "02-00-00-00-00-01"
> Framed-MTU = 1400
> NAS-Port-Type = Wireless-802.11
> Connect-Info = "CONNECT 11Mbps 802.11b"
> EAP-Message = 0x02000010015241646975737465737432
> Message-Authenticator = 0x5093767d601db7bf8a1ba95e9200fc77
>+- entering group authorize
>++[preprocess] returns ok
> rlm_eap: EAP packet type response id 0 length 16
> rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
>++[eap] returns updated
>++? if ("%{User-Name}" !~ /(%{User-Name})\L)/ )
> expand: %{User-Name} -> RAdiustest2
> expand: (%{User-Name})L) -> (RAdiustest2)L)
>? Evaluating ("%{User-Name}" !~ /(%{User-Name})\L)/) -> TRUE
>++? if ("%{User-Name}" !~ /(%{User-Name})\L)/ ) -> TRUE
>++- entering if ("%{User-Name}" !~ /(%{User-Name})\L)/ )
> expand: %{1} ->
>Exec-Program output: Exec-Program: FAILED to execute : No such file or
>directory
>Exec-Program-Wait: plaintext: Exec-Program: FAILED to execute : No such
>file or directory
>Exec-Program: returned: 1
>+++[request] returns invalid
>++- if ("%{User-Name}" !~ /(%{User-Name})\L)/ ) returns invalid
>Invalid user: [RAdiustest2/<via Auth-Type = EAP>] (from client radtest2
>port 0 cli 02-00-00-00-00-01)
>Delaying reject of request 0 for 1 seconds
>Going to the next request
>Waking up in 0.9 seconds.
>Sending delayed reject for request 0
>Sending Access-Reject of id 0 to 146.254.173.225 port 48125
>Waking up in 0.9 seconds.
>Cleaning up request 0 ID 0 with timestamp +5
>Ready to process requests.
>------------------------------------------------------------------------
>-------------------------------
>
>I'm sure I have missed something in the docs.
>
>Is there a possible setup? I've already searched in the config examples,
>docs, manpages and the mailing list archive but without luck.
>
>Thank you in advance.
>
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
More information about the Freeradius-Users
mailing list