freeradius + jradius
aland at deployingradius.com
Wed Sep 30 15:17:10 CEST 2015
On Sep 29, 2015, at 7:50 PM, Jim Shi <hanmao_shi at apple.com> wrote:
> Hi, I would like to use freeradius radius for verify client certificate (EAP - TLS) (authentication), and use jradius (which is java code) for authorization.
> In jradius, I need access the CN of client certificate for authorization. Is that possible?
In v2, yes. See raddb/sites-available/default. Look for TLS-Client-Cert...
> That is, I would like freeradius to put client certificate’s CN in the radius packet before sending to jradius for authorization.
Just follow the example above and it will work.
Note that in v3, there is no jradius module. It was unmaintained, and therefore removed. I'd recommend using a REST API in v3 instead.
More information about the Freeradius-Users