post-auth help to simplify
Jonathan Davis
jonathan at prioritycolo.com
Mon Aug 30 14:26:55 CEST 2021
I skimmed the docs for a sub-string or trim style method to call on a
string, but did fine one.
You could use capturing groups in your regex:
if (&LDAP-Group == /(^\s?)(RSSO.*)(\s?)/) {
Then reference the 2nd group instead of the match with "%{2}"
If you're expecting more than a single whitespace, start or end, modify
the regex.
- Jonathan
On 2021-08-30 4:20 a.m., Pizu wrote:
> Hello,
>
> Currently we have the below in the post-auth and I would like to simplify
> this.
>
> if (&LDAP-Group == "RSSO - Group - 01") {
> update reply {
> &Tunnel-Type := "VLAN"
> &Tunnel-Medium-Type := "IEEE-802"
> &Tunnel-Private-Group-Id := "943"
> &Class := "RSSO-Group-01"
> }
> }
> elsif (&LDAP-Group == " RSSO - Test - Group - 01 ") {
> update Reply {
> &Tunnel-Type := "VLAN"
> &Tunnel-Medium-Type := "IEEE-802"
> &Tunnel-Private-Group-Id := "943"
> &Class := "RSSO-Test-Group-01"
> }
> }
> etc...
>
>
> We have over 70 groups like this, the above is working but I'd like to
> minimize the changes on the freeradius configuration and was thinking of
> using regex but not sure if it's possible in my case.
> As you can see from the above the LDAP-Group and Class differences are the
> spaces.
>
> I was thinking of doing something like the below:
>
> if (&LDAP-Group =~ /^RSSO/) { << Match if group starts with RSSO
> update reply {
> &Tunnel-Type := "VLAN"
> &Tunnel-Medium-Type := "IEEE-802"
> &Tunnel-Private-Group-Id := "943"
> &Class := "${0}" << is it possible to remove
> whitespaces? before the update reply?
> }
> }
>
> Regards,
>
> Pizu
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list