How to write log only once in Post-Auth-Type REJECT section of EAP module?
Alan DeKok
aland at deployingradius.com
Mon Jan 29 19:34:45 UTC 2024
On Jan 29, 2024, at 8:29 AM, 남혁준 <sawd1598 at gmail.com> wrote:
>
> During the testing process, methods that seem likely to be usable are
> identified and added.
>
> However, this seems to ignore the warning(?) written in the comment. Is
> this the correct way?
If it works, it's fine.
> I don't know if you are saying that you can't use session-state or that you
> shouldn't use it.
It is saying that the session-state attributes don't exist there.
> I tried configuring it so that if the content copied from "INNER-EAP" to
> the following command exists, it is not executed.
Why not just have the inner server do:
Post-Auth-Type REJECT {
...
update outer.session-state {
&Module-Failure-Message += &request:Module-Failure-Message
}
That should be fine.
Alan DeKok.
More information about the Freeradius-Users
mailing list