Cached attributes
Jonathan Gazeley
Jonathan.Gazeley at bristol.ac.uk
Wed Feb 24 15:24:45 CET 2016
On 24/02/16 13:49, A.L.M.Buxey at lboro.ac.uk wrote:
> Hi,
>
>> update {
>> &outer.session-state: += &reply:
>> &outer.session-state:User-Name = &User-Name
>> }
>
> update outer.session-state {
> User-Name = &User-Name
> }
>
>
> ?
>
>
> what does debug show?
With your suggested change, for some reason it does a noop
(8) update outer.session-state {
(8) &outer.session-state:User-Name = &User-Name ->
"iser-linauth at bris.ac.uk"
(8) } # update outer.session-state (noop)
The outer User-Name should at this point be anonymous at bris.ac.uk so I
would expect this update operation to make a change and set
&outer.session-state:User-Name to iser-linauth etc.
I'm not sure if I'm tying myself in knots here. Basically, in the past
we've decided on the user's VLAN in outer post-auth based on their inner
username, which we access like %{reply:User-Name} with
use_tunneled_reply=yes. This doesn't work with resumed sessions in FR3
like it did on FR2 and we haven't been able to figure out why.
We don't want to cache the VLAN number itself, i.e. don't want to make
the VLAN decision in the inner post-auth but we do want to cache the
inner User-Name so it can be easily accessed later to do the VLAN
calculation on resumed sessions.
Cheers,
Jonathan
More information about the Freeradius-Users
mailing list