Defining multiple post-auth INSERT queries for the same table
Alan DeKok
aland at deployingradius.com
Wed May 17 16:45:57 CEST 2017
On May 16, 2017, at 5:48 PM, Stefan Paetow <Stefan.Paetow at JISC.AC.UK> wrote:
>
> Ok,
>
>>> instance. Do I simply name them (i.e. name_of_query = 'query here...')
>>> and then just invoke them in their appropriate section?
>>
>> It depends on what you want to do. What's the schema and use-case?
>
> Schema is something like this:
>
> [gss_acceptor] [namespace] [username] [targeted_id]
>
> The *-TargetedId entries depend on 3 attributes: GSS-Acceptor-Host-Name
> (gives us Moonshot-Host-TargetedId), GSS-Acceptor-Realm-Name (gives us
> Moonshot-Realm-TargetedId) and Trust-Router-COI (gives us
> Moonshot-TR-COI-TargetedId).
Then you're probably better off just writing a custom SQL inner in the post-auth stage...
> Given the policy unlang to generate a targeted Id is exactly the same for
> all three versions, except for the namespace and the GSS attribute, either
> I define custom attributes in the UKERNA dictionary that I set the
> gas_acceptor, namespace and targeted_id to for each generation, or I
> change the schema to include all three like this:
>
> [gss_acceptor_host_name] [gss_acceptor_realm_name] [trust_router_coi]
> [namespace] [username] [host_targeted_id] [realm_targeted_id]
> [tr_coi_targeted_id]
>
> This just seems a waste of space.
>
> What do you think is better? The first option? It seems more concise.
I agree.
Alan DeKok.
More information about the Freeradius-Users
mailing list