freeradius and ADSL-Agent-Circuit-Id

Mike mike-freeradius at
Tue Jul 20 21:36:34 CEST 2010


    I would like to be able to incorporate processing of 
ADSL-Agent-Circuit-Id into my freeradius / mysql environment. I have a 
stock debian / freeradius2 server with a local mysql database, and my 
bras is correctly getting this attribute to me and I see it under 
freeradius -X. I would like to implement a policy of 'ignore 
username/password' and instead authenticate based on the presence of 
this attribute and the database entry corresponding to it. I do not want 
to simply overwrite User-Name with the attribute, I really want to only 
peform this step if the attribute is actualy present otherwise proceed 
normally for chap/pap. So I guess the question is, how can I 
conditionally authenticate based on presence of this attribute (and a 
corresponding db entry saying "Auth-type = Accept" or "Reject")? 
Previous posters suggesting overwriting User-Name open up a hole where 
if anyone just makes their username the same as a valid circuit ID, 
they'd be allowed and really I want to enforce it based on the presence 
of the acutal attribute itself.


More information about the Freeradius-Users mailing list