Dropping requests when no authentication possible
Chris Phillips
chris at untrepid.com
Sun Mar 15 10:17:32 CET 2009
On Sat, Mar 14, 2009 at 8:08 AM, Alan DeKok <aland at deployingradius.com>wrote:
> Chris Phillips wrote:
> > Thanks, frustrating this, maybe I'll need to revert to ideas about a
> > cron job to do some housekeeping checks...
>
> One more thought:
>
> authorize {
> ...
> redundant {
> redundant {
> ldap1
> ldap2
> }
>
> group {
> update control {
> Response-Packet-Type = Do-Not-Respond
> }
>
> handled # i.e. not "ok"
> }
> }
> ...
> }
>
> The "handled" return code says "stop processing right now..."
>
Yahooooooo! that's the one! Debug instantly said that it will stop
processing the request and no response is to be sent. Brilliant.
>
> > Is there an angle to filter out the Access-Type field in the packet that
> > gets sent back? Would a useless packet have the same effect as no packet
> > at all?
>
> What's Access-Type?
It's me not remembering RADIUS correctly. I just wondered if it was possible
to send a packet back that was not an accept, reject or anything useful at
all. Irrelevant now anyway, thanks for your help.
Chris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090315/2effdf40/attachment.html>
More information about the Freeradius-Users
mailing list