Using unlang for authentication
Phil Mayers
p.mayers at imperial.ac.uk
Tue Jul 31 14:31:29 CEST 2012
On 31/07/12 13:19, Andrei Petru Mura wrote:
> I declared a new attribute on FR dictionary, called
> CarboSolutions-NotBefore. This attribute should contain the data time as
> a string before what the user should not be able to authenticate. That
> attribute is placed in radcheck table (like: CarboSolutions-NotBefore >=
> 20120801). I tried to deal with that following some threads from that
> forum on similar issues, that sooner or later leads to unlang
> procedures. I also read the unlang's man page. But I can't understand
> how to deal with unlang. Can anyone help me to obtain what I need?
>
> What I need: I need that every authentication request, should contain an
> CarboSolutions-NotBefore field with current date.
It isn't very clear what you want to do here, I'm afraid.
What have you tried?
If I understand you correctly, you want to store an attribute in the
"radcheck" table that contains a date, and compare that date to "today".
If so, you can do this:
authorize {
...
# put todays date into the attribute
update request {
CarboSolutions-NotBefore := "%Y%m%d"
}
# run SQL module
sql
...
}
...and in your radcheck table:
insert into radcheck (username,attribute,op,val) values (
'username',
'CarboSolutions-NotBefore',
'>=',
'20120731'
);
More information about the Freeradius-Users
mailing list