Rewriting User-Name in pre-proxy
William Taylor
williamt at corp.sonic.net
Thu May 21 17:37:41 CEST 2009
On May 18, 2009, at 11:16 AM, William Taylor wrote:
> Im currently using freeradius 2.1.4
> I need to lookup a username in a dbm and rewrite it before sending
> off the proxy request.
> I have achieved this by using the below method. But I was wondering
> if there was a better way.
> It would seem that invoking perl with every auth request might be bad.
>
> Thanks in advance!
>
> -William
>
>
> In: /etc/raddb/dictionary
>
> ATTRIBUTE My-Local-String 3000 string
>
> In: sites-available/default
>
> pre-proxy {
> rewrite
> update proxy-request {
> User-Name := "%{proxy-request:My-Local-String}"
> }
> }
>
> In: /etc/raddb/modules/rewrite
>
> exec rewrite {
> wait = yes
> program = "/etc/raddb/rewriteusername.pl %{User-Name} %{Stripped-
> User-Name} %{Realm}"
> input_pairs = proxy-request
> output_pairs = proxy-request
> shell_escape = yes
> }
>
> In: /etc/raddb/rewriteusername.pl
>
> #!/usr/bin/perl
> use strict;
> use DB_File;
>
> my %h;
> tie %h, "DB_File", "/etc/raddb/rewritemap.db", O_RDONLY, 0444,
> $DB_HASH
> or die "Cannot open file rewritemap.db: $!\n";
>
> my $fuser = $ARGV[0];
> my $suser = $ARGV[1];
> my $realm = $ARGV[2];
>
> if($realm eq "foobee.net") {
>
> if($h{$suser}) {
> print "My-Local-String=" . $h{$suser};
> } else {
> print "My-Local-String=$suser";
> }
>
> } else {
> print "My-Local-String=$suser";
> }
>
> exit 0;
>
Anyone doing something similar ?
More information about the Freeradius-Users
mailing list