Discussion:
get name of authentication realm
(too old to reply)
Zdeněk Sobotka
2018-11-29 11:02:57 UTC
Permalink
Hello, I'm trying to retreive name of "authentication realm" like a
variable in the Freeradius v3 ("LOCAL" in variable in my case). In debug
log, near suffix module i see:

(1) suffix: Checking for suffix after "@"
(1) suffix: Looking up realm "yyyy.cz" for User-Name = "***@yyyy.cc"
(1) suffix: Found realm "yyyy.cc"
(1) suffix: Adding Stripped-User-Name = "name"
(1) suffix: Adding Realm = "yyyy.cc"
(1) suffix: Authentication realm is LOCAL

I'm found in documentation, that the "Authentication realm" can be found
in "control:Proxy-To-Realm"
(https://networkradius.com/doc/3.0.10/raddb/mods-available/realm.html).

At logs i have, but that variable is empty:
(2)     if ("%{control:Proxy-To-Realm}" != "LOCAL") {
(2)     ERROR: Failed retrieving values required to evaluate condition

Thank you for the advice.
Alan DeKok
2018-11-29 11:43:31 UTC
Permalink
Post by Zdeněk Sobotka
Hello, I'm trying to retreive name of "authentication realm" like a
variable in the Freeradius v3 ("LOCAL" in variable in my case). In debug
(1) suffix: Found realm "yyyy.cc"
(1) suffix: Adding Stripped-User-Name = "name"
(1) suffix: Adding Realm = "yyyy.cc"
(1) suffix: Authentication realm is LOCAL
That means you added a configuration in proxy.conf:

realm yyyy.cc {
}

Which means it's not going to be proxied anywhere.
Post by Zdeněk Sobotka
I'm found in documentation, that the "Authentication realm" can be found
in "control:Proxy-To-Realm"
(https://networkradius.com/doc/3.0.10/raddb/mods-available/realm.html).
(2) if ("%{control:Proxy-To-Realm}" != "LOCAL") {
(2) ERROR: Failed retrieving values required to evaluate condition
Just check if there's no Proxy-To-Realm. And you don't need to do a string expansion:

if (!control:Proxy-To-Realm) {
... it is being handled locally ...
}

Alan DeKok.


-
List info/subscribe/unsubscribe? See http

Loading...