Proxying based on a regex

Charles Plater ab3189 at wayne.edu
Mon Jul 25 22:33:19 CEST 2011


The desired end result is for the end users to not have to type in the realm. The users would just type in their IDs. We have 2 campuses, and one campus uses a standard "license plate" format for the IDs - i.e. aa0000. The other campus uses a first initial followed by the last name i.e. jsmith. My regex correctly determines the type of ID, I'm just trying to figure out how to forward them to the correct realm based just on the ID. In my example, the <REGEX> looks for the aa0000 format, if not found I'd like to proxy the request to one realm, and if found, it can be handled by the local server.

On Jul 25, 2011, at 4:20 PM, Sallee, Stephen (Jake) wrote:

> We did this through our realms see code:
> 
> In your proxy.conf
> 
> realm "~.*umhb\\.edu$" {
> #### some code here###
> ###usually the virtual server you want to proxy them to###
> }
> 
> If I am understanding your question right that should do it, but others may have a better way .. or I could be on crack ...
> 
> 
> -----Original Message-----
> From: freeradius-users-bounces+jake.sallee=umhb.edu at lists.freeradius.org [mailto:freeradius-users-bounces+jake.sallee=umhb.edu at lists.freeradius.org] On Behalf Of Charles Plater
> Sent: Monday, July 25, 2011 3:05 PM
> To: freeradius-users at lists.freeradius.org
> Subject: Proxying based on a regex
> 
> I'm trying to configure our FreeRadius (2.1.9) server to proxy based on the format of the ID. I have a working regex that determines the domain to which the request should be sent, but I'm having a hard time figuring out the syntax of the proxy statement. Here's what I've tried:
> 
> if (User-Name !~ <REGEX>) {
> 	proxy: domain.name
> else {
> 	proxy: LOCAL
> 	}
> }
> 
> FWIW, I can successfully authenticate do the "domain.name" realm by using userid at domain.name.
> 
> Can anyone offer any suggestions? Thanks in advance.
> -- 
> Charles Plater
> Lead Application Technical Analyst
> Internet Services
> +1-313-577-4620
> ab3189 at wayne.edu
> 
> 
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> 
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

-- 
Charles Plater
Lead Application Technical Analyst
Internet Services
+1-313-577-4620
ab3189 at wayne.edu





More information about the Freeradius-Users mailing list