Missing Realm when entering second authorization group

Xiwen Cheng xcheng at math.leidenuniv.nl
Mon Jun 15 11:37:46 CEST 2009

On Mon, Jun 15, 2009 at 10:24:04AM +0100, A.L.M.Buxey at lboro.ac.uk wrote:
> are you doing local proxy (ie have an entry for math.....nl in proxy.conf?)
> if so, ensure you define 'nostrip' otherwise the realm will be removed
> and you cannot use it.

Yes, we have our Realm defined in proxy.conf:
home_server_pool mi {
        type            = fail-over
        home_server     = localhost
realm math.leidenuniv.nl {
        auth_pool       = mi
#        nostrip

I tried adding the nostrip option, but as a result radiusd ends up in an infinite loop proxy-ing to itself:
        Proxy-State = 0x313839
        Proxy-State = 0x323035
        Proxy-State = 0x313930
        Proxy-State = 0x323437
        Proxy-State = 0x3933
        Proxy-State = 0x323130

The Realm indeed remained untouched in the username through out the request. How can I stop this loop?


Xiwen Cheng
System Administrator		;" Enthusiasm is contagious,
Mathematical Institute		;  but hype is a disease. "
Leiden University		;E-mail: xcheng at math.leidenuniv.nl
Niels Bohrweg 1 K210		;Office: (+31) 715277134
2333 CA Leiden			;Mobile: (+31) 611119991
The Netherlands			;GPG Key id: 194F572B
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090615/e1129dc1/attachment.pgp>

More information about the Freeradius-Users mailing list