Configure rlm_rest module to allow token authentication
rohith.asrk at gmail.com
Tue Jul 10 12:17:41 CEST 2018
I actually think I got my basics wrong here. Sorry for all the confusion.
Please ignore the previous mail.
What I actually need is configuring the FreeRADIUS daemon to send requests
to the API. And the API here needs token in the form of a authorization
header or a querystring.
Can I configure FreeRADIUS to send HTTP requests to the API with bearer
authorization in the headers? As of now, the rest module configuration
looks like this
The API is going to check for tokens in the headers or in the query strings
and we want the FreeRADIUS instance to be an authorized user.
On Tue, Jul 10, 2018 at 12:15 PM, Rohith Asrk <rohith.asrk at gmail.com> wrote:
> Sorry Alan for not being specific in the previous mail.
> We want the RADIUS daemon to receive HTTP requests containing
> authorization headers like "Authorization: Bearer <token>" and authenticate
> users using this token. This is because we want only authorised users to
> use the APIs we've created in django-freeradius.
> This seems possible from django's end but not sure how it can be enabled
> in FreeRADIUS. If it is not possible, I just want to know if FreeRADIUS
> allows requests which contain authorization headers even if there is no
> support to authenticate against them. So that we'd put restrictions from
> the from our web interface and forward requests only if they contain the
> token in the header.
> Thank you.
> Rohith ASRK
> On Tue, Jul 10, 2018 at 2:45 AM, Alan DeKok <aland at deployingradius.com>
>> > On Jul 9, 2018, at 5:07 PM, Rohith Asrk <rohith.asrk at gmail.com> wrote:
>> > I just want the FreeRADIUS daemon to receive such requests and probably
>> > extract the token from header and authenticate against it.
>> "such requests"... again, what is in the requests? Which attribute in
>> the RADIUS packet are you using?
>> You need to be specific here.
>> And again, the rest module doesn't support custom authorization
>> headers. The module has documentation, and it works as documented.
>> Figure out what RADIUS attribute has the information. Read the REST
>> documentation to see how to configure it. Then, configure the REST module
>> to use that RADIUS attribute.
>> If you have specific questions, then ask *specific* questions. Right
>> now, all I know is you want something to do with RADIUS and HTTP. But you
>> haven't given any details which let me give you a specific answer.
>> Q: Can I do stuff?
>> A: Yes, you can do stuff.
>> Q: How?
>> A: I have no idea. It depends on what stuff you want to do
>> Alan DeKok.
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list
More information about the Freeradius-Users