using external script in virtual server config

Alan DeKok aland at deployingradius.com
Sun Jan 18 04:29:30 CET 2015


On Jan 16, 2015, at 1:32 PM, the2nd at otpme.org wrote:

> Okay thanks for the explanation.
> 
> Here is the configuration that works for me:
> 
>       authorize {
>                if (!control:Auth-Type) {
>                        update control {
>                                Auth-Type := `/usr/local/bin/otpme-auth -l verify %{User-Name} %{User-Password} %{NAS-Identifier} %{Client-IP-Address}`
>                        }
>                }

  To be clear:  You’re setting the value of Auth-Type based on the script.

> But is this the correct way to call an external script? I thought it should be done in the authenticate section. But if i try it with the config below it does not work:
> 
>        authorize {
>                if (!control:Auth-Type) {
>                        update control {
>                            Auth-Type := OTPme
>                        }
>                }
> 
>        authenticate {
>                Auth-Type OTPme {
>                       update control {
>                               Auth-Type := `/usr/local/bin/otpme-auth -l verify %{User-Name} %{User-Password} %{NAS-Identifier} %{Client-IP-Address}`
>                       }
>                }

  Auth-Type says which subsection to use for the “authenticate” section.  Setting Auth-Type *inside* of “authenticate” makes no sense,.

  Alan DeKok.



More information about the Freeradius-Users mailing list