Digest authentication and perl authorization
tnt at kalik.net
tnt at kalik.net
Mon Jan 5 17:23:06 CET 2009
>I am thinking in something like this:
>
>- Radius client (b2bua) sends an access-request with Service_type =
>"Authorize-Only"
>- Adding perl module to authorization section.
>- In authorize function of perl module check if the balance is enough
>to make the call. if yes add an attribute to the reply with granted
>credit time and return return RLM_MODULE_OK. If no, return
>RLM_MODULE_REJECT.
>
That can work. As long as radius client understands that Service-Type.
>My questions are: how is the best way of making authorization without
>authentication?
>
The way you described it.
>- Should perl module set Auth-Type := Accept if the user is authorized?
>
Yes.
>- What should I need to add in the users file for this to work,
>something like this?
>
>DEFAULT Auth-Type := Accept, Service-Type == "Authorize-Only"
>
No nedd. perl can do it all. It can add Service-Type to reply as well.
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list