how to test a user in db from free-radius server
Fajar A. Nugraha
list at fajar.net
Tue Jan 15 14:59:16 CET 2013
On Tue, Jan 15, 2013 at 7:37 PM, Lakshmi Narayana Baliah
<LB0074453 at techmahindra.com> wrote:
> Hi All,
>
> I have configured freeradius server + oracle database 11g.
>
> I send user1 in the Access-Request from radclient to the free-radius server.
>
> I need to check whether user1 is exists in user_test table, which is in oracle database 11g.
> The table contains username - 'user1' and status--'valid'
>
> If user found in user_test table Access-Accept else Access-Reject should return to the radclient.
>
> Note : should not use 'users' file
>
> Please help me how can do that?........................
There are several parts to your question:
(1) How to use only db, and not use users file.
Short answer: Just leave the users file as it is, don't add anything there.
Users file also contains some default reply items which might be
useful, even when your user data is stored on db.
You could also remove "files" module from authorize section, but I
wouldn't recommend it.
(2) What to do to reject the user if a user is not found in
whatever-user-backend-that-you-use
Short answer: Nothing.
FR already does that by default, no need to do anything special.
(3) How to use a custom table structure and names
Short answer: modify the sql queries (sql/*/dialup.conf)
If you've read Arran's earlier response to your other question, he wrote
"
... one row per attribute that needs to be added to the reply, with the columns:
id, username, attribute, value, op
Id and username aren't used IIRC so they can be anything.
"
Just modify the queries to do what you want while still returning
those output. Some times this is as simple as changing table and
column names, other times a JOIN is sufficient, while on some cases it
might be as complex as having to write a special view or stored
procedure.
You CAN do that, right? If not, better hire someone who can implement
it for you. It's not rocket science, but don't expect people to do
your work for you.
--
Fajar
More information about the Freeradius-Users
mailing list