[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-users
Subject: Re: Respond with access-accept when password incorrect
From: Matthew Newton via Freeradius-Users <freeradius-users () lists ! freeradius ! org>
Date: 2023-02-09 9:55:42
Message-ID: 9faf1939-f19f-100a-3427-7ca1e5d25463 () freeradius ! org
[Download RAW message or body]
On 09/02/2023 08:25, Steven Walters wrote:
> I just would like to understand why (purpose) one needs to set 'reject=1'?
> If I remove the statement the policy doesn't work.
The default action for "reject" is to immediately return. So, if the pap
module returns "reject", processing of the Auth-Type PAP section stops
at that point.
Updating the "reject" action to priority 1 means that it no longer
returns, but returns the "reject" result code. The following "if" can
then check the code that was returned and do something.
It's explained at https://wiki.freeradius.org/config/Fail%20over
--
Matthew
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic