return a special value in reply when simultaneous use

Ana Gallardo ana.gallardo.77 at gmail.com
Wed Jul 21 10:55:16 CEST 2010


Hello,

I'm working with Freeradius 2.1.8

I'm using session (sql) to control simultaneous use.

I would like to return a special value if an user try to access with
credentials in use.

Group session {...} always resturns ok, so I don't know what can I do in
post-auth to distinguish between all reject.

I test this configuration in my default server:

session {
        if ("%{Realm}" == "xxx.es") {
                sql
        }
}


post-auth {
        if (fail) {
                update reply {
                        Codigo-Reject := Imposible-Contactar-Backend
                }
                reject
        }
        sql
        Post-Auth-Type REJECT {
                if (simulcount) {
                        update reply {
                                Codigo-Reject = Sesion-Abierta
                        }
                }
                update reply {
                        Codigo-Reject = Credenciales-Erroneas
                }
                sql
                attr_filter.access_reject
        }
}

But don't work.

Here is part of the debug info for an accept request:

[pap] User authenticated successfully
++[pap] returns ok
+- entering group session {...}
++? if ("%{Realm}" == "xxx.es")
    expand: %{Realm} -> xxx.es
?? Evaluating ("%{Realm}" == "xxx.es") -> TRUE
++? if ("%{Realm}" == "xxx.es") -> TRUE
++- entering if ("%{Realm}" == "xxx.es") {...}
. . .

rlm_sql (sql): Reserving sql socket id: 4
rlm_sql (sql): Released sql socket id: 4
+++[sql] returns ok
++- if ("%{Realm}" == "xxx.es") returns ok
+- entering group post-auth {...}


And here is part of the debug info for an reject request for simultaneous
use:

[pap] User authenticated successfully
++[pap] returns ok
+- entering group session {...}
++? if ("%{Realm}" == "xxx.es")
    expand: %{Realm} -> xxx.es
?? Evaluating ("%{Realm}" == "xxx.es") -> TRUE
++? if ("%{Realm}" == "xxx.es") -> TRUE
++- entering if ("%{Realm}" == "xxx.es") {...}
. . .

rlm_sql (sql): Reserving sql socket id: 3
rlm_sql (sql): Released sql socket id: 3
+++[sql] returns ok
++- if ("%{Realm}" == "xxx.es") returns ok
} # server rinuex
Using Post-Auth-Type Reject
+- entering group REJECT {...}
++? if (simulcount)
? Evaluating (simulcount) -> TRUE
++? if (simulcount) -> TRUE


I need help. Thank you very much and sorry for my english.


-- 
____________________

  Ana Gallardo Gómez
____________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100721/a7bd8208/attachment.html>


More information about the Freeradius-Users mailing list