Change of Authorization (RFC 3576 / 5176)
Alan DeKok
aland at deployingradius.com
Thu Jun 11 07:46:11 CEST 2009
Kanwar Ranbir Sandhu wrote:
> On Wed, 2009-06-10 at 15:09 -0400, Kanwar Ranbir Sandhu wrote:
>> I have a related question, although it's a bit off topic.
>>
>> On Tue, 2009-05-19 at 14:08 +0200, Alan DeKok wrote:
>>> In 2.1.6, the server could *originate* CoA packets. e.g. If the users
>>> bandwidth consumption is over a quota, send a packet to disconnect them.
>> Does this include things like changing the group a user in? For
>> example, if a user in the "allowed" group is updated to be in the
>> "disallowed" group (and auth/acct are in mysql), freeradius would
>> originate a CoA packet to disconnect the user. Can this be done with
>> unlang, or am I mad?
>
> Anyone?
Not all messages get *immediate* responses.
And how would the server know if you changed the group?
If the group changes, you'll need to tell FreeRADIUS to re-evaluate
the policies.
Alan DeKok.
More information about the Freeradius-Users
mailing list