rlm_realm module, Realm attr value
Phil Mayers
p.mayers at imperial.ac.uk
Mon Jan 24 16:15:46 CET 2011
On 01/24/2011 02:32 PM, Martin Stanislav wrote:
> There is one more case that could get this exception like treatment.
> If the configured realm value is "DEFAULT", the realm as entered
> by the user could be used to feed the Realm attribute value.
> Attached diff file describes the code change.
I don't think this is a good change.
For example:
authorize {
suffix
if (Realm == DEFAULT) {
# not a local realm; do some stuff
attr_filter.eduroam
}
}
...if you change the value of the "Realm" variable, it's never possible
to compare against it. We rely on this in a number of places.
Since as you point out, you can already accomplish this with unlang or
regexp realms, I don't think it's necessary to change the behaviour of
the existing module.
More information about the Freeradius-Users
mailing list