FreeRADIUS with custom multi-factor authentication
Alan DeKok
aland at deployingradius.com
Thu Feb 14 18:46:13 CET 2019
On Feb 14, 2019, at 11:33 AM, Clint Lord <clint at voodoocube.com> wrote:
>
> Thank you for your guidance, that provided us the high level direction we were looking for.
That's good.
> The complexity of the web services we are using for username/password validation and MFA processing leads us to believe we need to use rlm_python to write the authorize method. However we're not finding any documentation that tells us how to create access challenges or manage state from within our python code. We are basically looking for the list of the objects and APIs that are available to us when we are writing the authorize method in python.
You can return different values from python, and then key off of that:
python
if (user ock) {
challenge
return
}
As of 3.0.17 (I think) all of the lists are available to the Python module. So you can do whatever you want, keep state in "session-state", and it should all just work.
Alan DeKok.
More information about the Freeradius-Users
mailing list