Ignoring failed module in post-auth
Michal Bruncko
michal.bruncko at zssos.sk
Tue Jan 10 16:47:19 CET 2012
Hi Alan,
thank you for reply. But I am afraid that your example is not working.
According "doc/configurable_failover": "The normal configuration is
"fail = return", which
means "if the detail module fails, stop processing the accounting
section". ..so "fail = return" is the default..
If I configure post-auth section like this:
post-auth {
sql {
fail = return
}
}
user autentication with unreachable mysql server will always ends with:
"++[sql] returns fail
Using Post-Auth-Type Reject"
I have not mentioned in my first email about looking to unlang. I have
looked on it, but either I dont understand or there is not that
combination of "code = value" that fills for this needs (I would not
sting the truth).
thanks for any next hint for this
michal
On 10. 1. 2012 0:31, Alan Buxey wrote:
> Hi,
>
>> but in case that the central mysql server (for many radius servers) is
>> unreachable, the loggining of request was failed and the module
>> executions returns with "++[sql] returns fail" and also whole
>> autentication procedure fails with REJCT even if the user was
>> successufully authenticated inside the "authenticate" section.
>
> man unlang
>
> ok the module succeeded
> updated the module updated the request
> fail the module failed
>
> and then doc/configurable_failover
>
> you want something like
>
> post-auth {
>
> sql_log {
> fail = return
> }
>
> }
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
--
Ing. Michal Bruncko, PhD., CCNP
Linux systems and network administrator
Coupled school of business and services Ruzomberok
Slovak Republic
More information about the Freeradius-Users
mailing list