[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    Re: How to Aurthenticate users with an external prog
From:       Dustin Doris <freeradius () mail ! doris ! cc>
Date:       2004-10-30 15:26:55
Message-ID: 20041030112136.E13964 () mail ! doris ! name
[Download RAW message or body]

Look into the doc directory.

README tells you about Exec-Program and Exec-Program-Wait you can put into
the users file.

variables.txt shows the variables that you can pass to it.  Pay attention
to the line with printenv > /tmp/exec-program-wait.  That will show you
the variables that are actually being passed, very helpful!

In raddb directory

radiusd.conf look for the exec echo section.  You can call an external
program using that as well.

Here is an example script I am testing.

#!/usr/local/bin/bash
if [ -z $FRAMED_IP_ADDRESS ]
  then
  exit 1
else
  exit 0
fi

I am looking to see if there is a Framed-IP-Address in the reply values.
if not, I reject them.

I load it in radiusd.conf with

        exec reply_check {
                wait = yes
                program = "/usr/local/etc/raddb/reply.sh"
                input_pairs = reply
                output_pairs = reply
                packet_type = Access-Accept
        }
and then execute it in the post-auth section

post-auth {
        reply_check
}

Hope that is helpful.

-Dusty Doris



On Sat, 30 Oct 2004, Payam Shabanian wrote:

> hi,
> does anybody  know:
> how to authenticate, Authorize, and do accounting on users
> with an external program?
>
> thanks
> Payam Shabanian
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]