Logging the matched SQL-Group
Phil Mayers
p.mayers at imperial.ac.uk
Wed Feb 23 14:45:18 CET 2011
On 23/02/11 13:31, Brian Candler wrote:
> When rlm_sql is running through each of a user's groups, the value
> %{SQL-Group} is set for each iteration. However it's cleared at the end.
I assume you're talking about the "authorize" method where it searches
radgroupcheck/radgroupreply, rather than:
if (SQL-Group == ...)
...yes?
>
> I would like to be able to capture the value of SQL-Group which was
> successfully matched (if any), so that I can log it in rlm_sql_log.
What if it matches >1 via a "Fall-Through = yes"
>
> Is there a straightforward way of doing this? Because I can't see one right
> now...
You could add:
My-Matched-Group += GROUPNAME
...to the radgroupreply, then log this attribute?
More information about the Freeradius-Users
mailing list