FR 2.1.6 add realm to User-Name before Proxy by listening port

Mika mika.koivisto at logica.com
Thu Feb 17 10:13:43 CET 2011


Hello.
I am having some problems with the below configuration that does not work.
I have configured a virtual server on port 21000 that is to receive
Access-Request packets. The server is to look for a realm in an MSSQL
database before another query is done for the authentication server to proxy
to.

I do not want to put my SQL queries in dialup.conf; instead I would like the
below logic to work.
But I am missing something vital and probably obvious.
Regards
Mika



virtual-server config in sites-enabled/

listen {
        ipaddr = 192.168.199.5
        port = 21000
        type = auth
        virtual_server = SERVER-21000
}
server SERVER-21000 {
authorize {
        preprocess
        pap
        sql
        update request {
                realm = "%{sql:select AccountIDSuffix FROM RequestGroup where AUTProxyPort = 21000}"
                User-Name := "%{User-Name}@%{realm}"
                NAS-IP-Address := "%{Client-IP-Address}"
        }
        update control {
                Tmp-String-0 = "%{sql:select AUTServer FROM RequestGroup where AUTProxyPort = 21000}"
                Proxy-To-Realm := "%{Tmp-String-0}"
        }
}
}

-------


from radiusd -X
Listening on authentication address 192.168.199.5 port 21000 as server SERVER-21000
Listening on proxy address * port 1814
Ready to process requests.
rad_recv: Access-Request packet from host 192.168.199.9 port 46599, id=117, length=60
        User-Name = "testuser"
        User-Password = "testpass"
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 0
server SERVER-21000 {
# Executing section authorize from file /etc/raddb/sites-enabled/all-servers
+- entering group authorize {...}
++[preprocess] returns ok
[pap] WARNING! No "known good" password found for the user.  Authentication may fail because of this.
++[pap] returns noop
[sql]   expand: %{User-Name} -> testuser
[sql] sql_set_user escaped user --> 'testuser'
rlm_sql (sql): Reserving sql socket id: 4
[sql] SQL query error; rejecting user
rlm_sql (sql): Released sql socket id: 4
++[sql] returns fail
} # server SERVER-21000
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
-- 
View this message in context: http://freeradius.1045715.n5.nabble.com/FR-2-1-6-add-realm-to-User-Name-before-Proxy-by-listening-port-tp3303117p3389119.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
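
Added example (not part of the original post, and not the FreeRADIUS project's own configuration): in the debug output above the request ends when `sql` returns fail in authorize, so neither update block is reached. The configuration below leaves the `sql` call out of authorize and uses only the `%{sql:...}` expansion, with the lookup and the User-Name rewrite in separate update blocks. It assumes `sql` is listed in the `instantiate` section of radiusd.conf and that the AUTServer column holds a realm name defined in proxy.conf; the empty-suffix check is an added safeguard.

```unlang
# Added example, not the poster's configuration.
# Assumptions: "sql" is listed in instantiate { } in radiusd.conf, so the
# %{sql:...} expansion is registered without running the module's own
# authorize queries; the AUTServer column holds a realm name that is
# defined in proxy.conf.
server SERVER-21000 {
authorize {
        preprocess
        pap

        # Look up the realm suffix in its own update block, so the next
        # block expands an attribute that already exists.
        update control {
                Tmp-String-0 := "%{sql:SELECT AccountIDSuffix FROM RequestGroup WHERE AUTProxyPort = 21000}"
        }

        # No row for this port: reject instead of proxying "user@".
        if ("%{control:Tmp-String-0}" == "") {
                reject
        }

        # Rewrite the request only after the suffix is known.
        update request {
                User-Name := "%{User-Name}@%{control:Tmp-String-0}"
                NAS-IP-Address := "%{Client-IP-Address}"
        }

        # Select the home realm for proxying from the same table.
        update control {
                Proxy-To-Realm := "%{sql:SELECT AUTServer FROM RequestGroup WHERE AUTProxyPort = 21000}"
        }
}
}
```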


