Realm

Miha miha at softnet.si
Thu Jan 24 12:15:17 CET 2013


thanks!

MIha

Dne 1/23/2013 3:58 PM, piše Phil Mayers:
> On 23/01/13 14:47, Miha wrote:
>> Hi,
>>
>> my radius client is sending with user-name and password aslo realm. I
>> can not disable sending realm, is it possible to configure radius that
>> will not user realm with user-name (user-name at realm)?
>>
>> [digest] Digest-Attributes look OK. Converting them to something more
>> usful.
>> *Digest-User-Name = "018108500"*
>> *Digest-Realm = "test1.opensips.softnet.si"*
>> Digest-Nonce = "510001fb00000006c9cc728438be21e324f917a5ea234380"
>> Digest-URI = "sip:+38588888882 at test1.opensips.test.si"
>> Digest-Method = "INVITE"
>> [digest] Adding Auth-Type = DIGEST
>> ++[digest] returns ok
>> [suffix] Looking up realm "test1.opensips.softnet.si" for User-Name =
>> *"018108500 at test1.opensips.**test.si*"
>> [suffix] No such realm "test1.opensips.softnet.si"
>> ++[suffix] returns noop
>> [eap] No EAP-Message, not doing EAP
>> ++[eap] returns noop
>> ++[files] returns noop
>> [sql] expand: %{User-Name} -> *018108500 at test1.opensips.**test.si*
>>
>>
>> Radius will need to chack only user-name (*018108500*).
>
> Sure. The easiest option is something like this:
>
> authorize {
> ...
> if (User-Name =~ /^(.+)@(.+)$/) {
> update request {
> Stripped-User-Name := "%{1}"
> Realm := "%{2}"
> }
> }
> ...
> }
>
> ...and then ensure your SQL/files/whatever modules use an appropriate 
> expansion for their "key" value e.g.
>
> sql {
> ...
> sql_user_name = "%{%{Stripped-User-Name}:-%{User-Name}}"
> ...
> }
>
> This is the default. So basically, you identify the realm yourself, 
> set "Stripped-User-Name", and use that.
> -
> List info/subscribe/unsubscribe? See 
> http://www.freeradius.org/list/users.html
>



More information about the Freeradius-Users mailing list