Enable Perl module in combination with EAP/SIM module

Shurbann Martes shurbann at gmail.com
Fri Jan 3 19:32:29 CET 2014 

You're right when you're so deep into a problem you assume that the issue
at hand is clear to everyone without sounding to cryptic. Let me try to
explain the problem at hand little bit more. I'm trying not to bother you
much with the details, but still be as clear as possible.

What' we're trying to accomplish here is to map (this was the typo ammped
in the earlier message) every RADIUS call to an HTTP call on another
system. We did not find any correct solution for this other that using the
Perl module. That's the reason we start using Perl module. So for example a
Access-Request will call a URL using HTTP GET on the other system, with
HTTP parameters containing the necessary info, i.e. user, Called-Station-Id
etc. Based on the response i.e. HTTP status response 403, 401 or 202
received from this system, we will send a Access-Accept or Access-Reject
back to the NAS. This is working OK, right now using the Auth-Type = Perl.

However with the introduction of the EAP-SIM module as part of the protocol
we're going to use, I was wondering if I can have FreeRADIUS configured
better, by trying not to use the Auth-Type. So I'm trying to find out what
the correct way of doing this is.

Regards,
Shurbann Martes




On Fri, Jan 3, 2014 at 12:33 PM, Alan DeKok <aland at deployingradius.com>wrote:

> Shurbann Martes wrote:
> > All the RADIUS PDU's need to be ammped to the HTTP API of a AAA server.
>
>   I'm not sure what that means.
>
> > So we're using the Perl module to do the HTTP calls. That's why we're
> > using perl in authenticate. If there is another way to proxy HTTP calls
> > please advise.
>
>  You're assuming I already understand your system, and then describing
> it using as fews words as possible.  Stop it.  You're giving me every
> reason to ignore you.  If you don't care enough to write useful
> questions, I don't care enough to write useful answers.
>
>   WHAT is the HTTP API doing?  "ammped" isn't an English word.
>
>   WHAT is the Perl code doing?  HTTP calls?  That's nice.. WHAT is it
> doing with those HTTP calls?  Sending magic pixies?  HOW is it using the
> RADIUS data to make those HTTP calls?
>
>   And "proxy HTTP calls" makes zero sense.  FreeRADIUS isn't an HTTP
> server.  So it can't proxy HTTP.
>
>    Right now, all I can tell is that you know how to use the words
> "RADIUS", "Perl", and "HTTP" in a sentence.  That's nice, but not
> particularly useful.
>
>    Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140103/5ac5a4eb/attachment-0001.html>

More information about the Freeradius-Users mailing list