Post-Auth-Type Accept vs Post-Auth-Type Reject 3.0.14
Wussler, Doug
doug.wussler at fsu.edu
Mon Jun 19 18:57:42 CEST 2017
I’m using 3.0.14.
For a successful authentication, the log shows the Post-Auth routine executing
BEFORE the log record expansion and output. This is handy because the
Post-Auth routine sets some variables used by the log message (as set
in radius.conf).
For an unsuccessful authentication, the log shows the Post-Auth-Type
“Reject” executing AFTER the log record expansion and output, which seems
inconsistent and prevents the setting of the variables used in the log.
Is this a bug or correct behavior? If it is correct behavior, what is the reason
that we want Post-Auth to run BEFORE the log expansion but Post-Auth-Type
Reject to run AFTER the log expansion?
Doug Wussler
Florida State University
More information about the Freeradius-Users
mailing list