[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    Re: high level design question
From:       Matt Zagrabelny via Freeradius-Users <freeradius-users () lists ! freeradius ! org>
Date:       2022-10-14 15:58:30
Message-ID: CAOLfK3WKdrDY1tgWrcH0CKT2JK-_Xke0MsM4CVd6cwyhHqwHJA () mail ! gmail ! com
[Download RAW message or body]

Hey Mathew,


On Fri, Oct 14, 2022 at 7:49 AM Matthew Newton <mcn@freeradius.org> wrote:

> On 14/10/2022 01:36, Matt Zagrabelny via Freeradius-Users wrote:
> >>          and then do:
> >>
> >>          if ("%{client:group}" == "group1") {
> >>                  ... proxy to server1
> >>          }
> >>          elsif ("%{client:group}" == "group2") {
> >>                  ... proxy to server2
> >>          }
> >
> > Cool. I suppose I was overengineering the design thinking that there
> might
> > be more than one application on a host where app1 wants single factor
> auth
> > and app2 wants two factor auth.
>
> If that were the case you'd need to look at the incoming attributes in
> the packet and use something there to determine what destination to
> proxy to.
>

Thanks for the additional insight - it is appreciated.

Cheers,

-m
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]