Temporary accounts
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Wed Nov 16 18:21:41 CET 2016
> On Nov 16, 2016, at 12:06 PM, Zsolt <dqeswn at gmail.com> wrote:
>
> 2016-11-16 15:41 GMT+01:00 Alan DeKok <aland at deployingradius.com>:
>
>> You need to implement custom rules yourself.
>>
>> When I said that FreeRADIUS doesn't implement account management, I
>> meant that it doesn't implement account management. This includes
>> automatic adding of users, deleting of users, expiration, etc.
>>
>> You MUST decide what to do, and then implement it yourself.
>>
>
> I see. Though, thinking about it, even if I do, I think it wouldn't work
> for what I want.
> If I understand RADIUS correctly (?), the server only responds to requests
> by the clients (eg:my wifi router) and doesn't act by itself (eg: by
> sending a revoke access message or such).
> So if I implement custom rules to expire user accounts then that won't come
> into play until the client tries to authenticate it again, so if someone is
> connected the person would stay connected indefinitely(untill log-off or a
> break in the connection).
You can trigger that asynchronously using CoA/DM packets.
Or you can setup polling by including a Session-Timeout value.
-Arran
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20161116/d26d46ea/attachment.sig>
More information about the Freeradius-Users
mailing list