Confirming understanding of the rlm_rest module

Arran Cudbard-Bell a.cudbardb at freeradius.org
Thu Jun 21 16:59:06 CEST 2018



> On Jun 21, 2018, at 10:05 AM, Andris Bjornson <andris at everylayer.com> wrote:
> 
> I'm looking into options for integrating freeradius with my own external
> software.
> 
> I see that there is the rlm_rest module - from reviewing it's docs, I
> believe I understand that this would allow me to have my freeradius
> server(s) relay auth and/or accounting requests to my own external systems
> by calling api endpoints on the external systems.

Correct.

> I believe I understand there is no native ability in freeradius to expose
> its own HTTP endpoint that external systems could call to do things like
> add/modify/delete users and trigger freeradius CoA requests.
> 
> Is this correct?

Yes.  There's really little advantage to FreeRADIUS exposing an API to modify your datastore.  If you manage users in an SQL database, write an API to wrap the SQL database, same with LDAP, Redis, Couchbase etc...

If you want to send CoA requests there are RADIUS client libraries in multiple languages or with multiple language bindings.

-Arran
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20180621/1d8508b7/attachment-0001.sig>


More information about the Freeradius-Users mailing list