EAP-TLS performance SQL backend bottleneck
A.L.M.Buxey at lboro.ac.uk
Thu Sep 10 21:40:15 CEST 2009
> If not in "authorize" section, where do I put "sql" module call?
> We have to go and validate user in SQL and we need to return
> reply-attributes to the client.
authorize is used solely to see if someone is able to use a service
from a particular IP address..at a certain time etc etc. its got
nothing to do with 'validation' of a user and it shouldnt be
used for reply attributes.
to 'validate' a user, use authentication
to return reply-attributes, call sql in the post-auth section
(you only want to call this function if they have validated etc)
its just a case of semantics and understanding what each letter in AAA
More information about the Freeradius-Users