Solved Can we do sql just once during eap-tls handshake
Johan F2
johan.finnved at stek.se
Thu Mar 5 18:16:15 CET 2009
It works!
Now there is only one database access per authetication.
The relevant part of the config is now:
authorize {
....
eap
}
authenticate {
eap
}
post-auth {
sql.authorize
if (notfound) {
fail
}
}
Somewhat un-obvious but thanks alot for the help!
(But I guess setting Auth-method to Reject in the database no longer works.)
/Johan
Alan DeKok-2 wrote:
>
> Johan F2 wrote:
>> Both authorize:sql and sql:authorize cause an error "Failed to find
>> module".
>
> Use "sql.authorize"
>
>> I have not found any documentation about forcing a module into running
>> code
>> for
>> for another phase (authorize when doing post-auth).
>
> It's not documented. It was a "feature" that got added
> semi-accidentally, and then turned out to be too useful to remove.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
--
View this message in context: http://www.nabble.com/Can-we-do-sql-just-once-during-eap-tls-handshake-tp22335348p22356130.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
More information about the Freeradius-Users
mailing list