FreeRadius unauthorized access

Arran Cudbard-Bell a.cudbardb at freeradius.org
Fri Jan 31 23:16:02 CET 2014


On 31 Jan 2014, at 22:03, Alan Buxey <A.L.M.Buxey at lboro.ac.uk> wrote:

> Be very careful about the sorts of enforcing suggested... They can cause issues with certain types of authentication. .. eg EAP-TLS where there is no innerID...

ok

if (User-Name && outer.User-Name && (User-Name == outer.User-Name)) 

:)

> or eduroam where you don't know the real innerID of visitors. 

Wouldn't be going through the inner server. There's no way you can enforce this from the outer server.

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140131/855c44a4/attachment.pgp>


More information about the Freeradius-Users mailing list