User_Role configuration in freeRadius Users file

kpani dhandu_k at yahoo.co.in
Tue Jun 30 14:06:20 CEST 2009


Thanks Ivan.
I hope it is /usr/local/share/freeradius/dictionary included in
raddb/dictionary.

I added an entry like this & restarted server: 
ATTRIBUTE       User-Role                               208     string

But with JRadius client, I am getting 'Invalid RADIUS Authenticator' after
this new attribute. I am calling the server using the below code. I tried
using PAPAuthenticator also but same error.
RadiusPacket reply = radiusClient.authenticate(request, new
MSCHAPv2Authenticator(), 0);

Can you help me why I am getting this error?

Regards,
Dhandapani


Ivan Kalik wrote:
> 
> OK then. Your users file example looks fine. All you have to do is define
> this custom attribute in raddb/dictionary.
> 
> Ivan Kalik
> Kalik Informatika ISP
> 
>> Yes Ivan. I am sure that I will utilize the server configuration in
>> client
>> application.
>>
>> I am able to read the response and parse the attributes from client. For
>> example, I am able to read the value of the attribute 'Reply-Message'
>> using
>> its name or the code 18. Same way I want to read the userType and
>> authorize
>> the features of my client. Please advise.
>>
>> Thanks in advance.
>>
>> Regards,
>> Dhandapani
>>
>>
>> Ivan Kalik wrote:
>>>
>>>> I am using freeRadius for user authentication. I also want to assign
>>>> roles
>>>> (like type of user) for each user configured in
>>>> /usr/local/etc/raddb/users
>>>> file as like below. Then I will authorize the user in my radius client
>>>> application based on radius returned role.
>>>>
>>>> dhandapani   Cleartext-Password := "dhanda"
>>>>        Service-Type = Framed-User,
>>>>        Framed-Protocol = PPP,
>>>>        Reply-Message = "Hello Dhandapani",
>>>>        User-Role = Admin
>>>>
>>>> Is it possible. I have seen an attribute called 'Aruba-User-Role' but
>>>> looks
>>>> like vendor specific. Is there any way to configure the role?
>>>
>>> Does your client know what to do with that attribute? There is no point
>>> configuring it in freeradius if your client can't use it.
>>>
>>> Ivan Kalik
>>> Kalik Informatika ISP
>>>
>>> -
>>> List info/subscribe/unsubscribe? See
>>> http://www.freeradius.org/list/users.html
>>>
>>>
>>
>> --
>> View this message in context:
>> http://www.nabble.com/User_Role-configuration-in-freeRadius-Users-file-tp24268833p24269270.html
>> Sent from the FreeRadius - User mailing list archive at Nabble.com.
>>
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
> 
> 
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
> 
> 

-- 
View this message in context: http://www.nabble.com/User_Role-configuration-in-freeRadius-Users-file-tp24268833p24270722.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.




More information about the Freeradius-Users mailing list