Set up /dev/null (no auth) proxy server on NULL realm
Seiichirou Hiraoka
seiichirou.hiraoka at gmail.com
Tue Dec 6 09:19:59 CET 2016
Hello alan,
Thank you for your polite answer.
I will explain the background of the question.
My proxy.conf as follow.
-----
realm "~^subdomain\.domain\.com$" {
authhost = LOCAL
accthost = LOCAL
}
realm "~^(.+\.)?domain\.com$" {
authhost = 127.0.0.1:1645
accthost = 127.0.0.1:1646
secret = dummy
}
home_server server1 {
...
}
home_server server2 {
...
}
home_server_pool server {
type = fail-over
home_server = server1
home_server = server2
}
realm NULL {
authhost = 127.0.0.1:1645
accthost = 127.0.0.1:1646
secret = dummy
}
realm DEFAULT {
pool = server
nostrip
}
-----
Authenticate the user only when subdomain is attached.
In case of domain without subdomain, if domain.com
doesnot exist, I want to fail authentication.
In this case, what do you think?
Best regards,
2016-12-05 20:48 GMT+09:00 <A.L.M.Buxey at lboro.ac.uk>:
> Hi,
>
>> Instead of failing all users' authentication, we want to fail only in the
>> case of NULL realm.
>> DEFAULT realm will authenticate with a real authentication server.
>
> NULL realm is no realm. thus you check with unlang as to whether is a realm.
>
> my previous answer already did that.
>
> please stop thkining about DEFALT and NULL anyway - those things are going - think instead of
> what the realm looks like, what format it is and how you want it handled (you shouldnt be using
> DEFAULT either ;-) )
>
> alan
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list