Discussion:
Access-Accept does not "see" the attribute defined in the dictionary file
Vafa Andalibi
2018-11-21 15:49:24 UTC
Permalink
Hello,

I've built the FR (master branch) on raspberry pi and I'm trying to run it
with a custom defined attribute in Access-Accept. I have added this
attribute at the end of */usr/local/etc/raddb/dictionary* as follows:


*ATTRIBUTE TEST-ATTRIBUTE-1.2.3 3011 string*

This is the only uncommented line in the dictionary file. Then in
*/usr/local/etc/raddb/sites-enabled/default* inside the *send
Access-Accept* block,
I have added a very simple code:


*send Access-Accept{*
*...*
*if (&session-state:TEST-ATTRIBUTE-1.2.3) {*
* update {*
* &Url-Data :="%{session-state:TEST-ATTRIBUTE-1.2.3}"*
* }*
* rest*
*}*
*...*
*}*


Then after running it with *sudo /usr/local/sbin/radiusd -X*, I'm getting
the following error:

*...*

*compiling - send Access-Accept {...}*
*/usr/local/etc/raddb/sites-enabled/default[1033]: Failed resolving
undefined attribute: Unknown protocol 'TEST-ATTRIBUTE-1'*
*/usr/local/etc/raddb/sites-enabled/default[1033]: Failed to parse "if"
subsection*
*/usr/local/etc/raddb/sites-enabled/default[988]: Failed compiling 'send
Access-Accept { ... }' section*
*/usr/local/etc/raddb/sites-enabled/default[80]: Could not load virtual
server "default".*


Could you please help me with this? what am I missing?


Thank you in advance,
-
List info/subscribe/unsubscribe? See http://www.fre
Alan DeKok
2018-11-21 15:55:16 UTC
Permalink
Post by Vafa Andalibi
I've built the FR (master branch)
Please don't use the "master" branch unless you are VERY familiar with RADIUS. v4 is in heavy development, and may not even work from day to day.

Why are you using v4?
Post by Vafa Andalibi
on raspberry pi and I'm trying to run it
with a custom defined attribute in Access-Accept. I have added this
*ATTRIBUTE TEST-ATTRIBUTE-1.2.3 3011 string*
There's no need to add ** around everything. Just paste the text.

And, why are you adding that attribute? What is it for?
Post by Vafa Andalibi
This is the only uncommented line in the dictionary file. Then in
*/usr/local/etc/raddb/sites-enabled/default* inside the *send
Access-Accept* block,
*send Access-Accept{*
*...*
*if (&session-state:TEST-ATTRIBUTE-1.2.3) {*
* update {*
* &Url-Data :="%{session-state:TEST-ATTRIBUTE-1.2.3}"*
* }*
* rest*
*}*
*...*
*}*
Then after running it with *sudo /usr/local/sbin/radiusd -X*, I'm getting
*...*
*compiling - send Access-Accept {...}*
*/usr/local/etc/raddb/sites-enabled/default[1033]: Failed resolving
undefined attribute: Unknown protocol 'TEST-ATTRIBUTE-1'*
Well, that seems simple enough. The name is getting truncated. Don't use "." in an attribute name.

Or, use v3.

Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/
Vafa Andalibi
2018-11-21 16:04:01 UTC
Permalink
Hi Alan,

Sorry for the bad formatting. The code that I'm working on and I'm trying
to run was previously developed on v3.1.x branch which apparently doesn't
exists anymore. So I assumed the closest thing to that is the master now.
The reason they used v.3.1.x instead of v3.0.x is mentioned in the comments
to be "At the time of this writing, the FreeRadius 3.0.x versions have a
problem with REST" and there is no further information about what was that
problem. I'll try to move back to v3.0.x now.

Thank you for your help,
Post by Alan DeKok
Post by Vafa Andalibi
I've built the FR (master branch)
Please don't use the "master" branch unless you are VERY familiar with
RADIUS. v4 is in heavy development, and may not even work from day to day.
Why are you using v4?
Post by Vafa Andalibi
on raspberry pi and I'm trying to run it
with a custom defined attribute in Access-Accept. I have added this
*ATTRIBUTE TEST-ATTRIBUTE-1.2.3 3011 string*
There's no need to add ** around everything. Just paste the text.
And, why are you adding that attribute? What is it for?
Post by Vafa Andalibi
This is the only uncommented line in the dictionary file. Then in
*/usr/local/etc/raddb/sites-enabled/default* inside the *send
Access-Accept* block,
*send Access-Accept{*
*...*
*if (&session-state:TEST-ATTRIBUTE-1.2.3) {*
* update {*
* &Url-Data :="%{session-state:TEST-ATTRIBUTE-1.2.3}"*
* }*
* rest*
*}*
*...*
*}*
Then after running it with *sudo /usr/local/sbin/radiusd -X*, I'm getting
*...*
*compiling - send Access-Accept {...}*
*/usr/local/etc/raddb/sites-enabled/default[1033]: Failed resolving
undefined attribute: Unknown protocol 'TEST-ATTRIBUTE-1'*
Well, that seems simple enough. The name is getting truncated. Don't
use "." in an attribute name.
Or, use v3.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/un
Alan DeKok
2018-11-21 16:06:18 UTC
Permalink
Post by Vafa Andalibi
Sorry for the bad formatting. The code that I'm working on and I'm trying
to run was previously developed on v3.1.x branch which apparently doesn't
exists anymore. So I assumed the closest thing to that is the master now.
The reason they used v.3.1.x instead of v3.0.x is mentioned in the comments
to be "At the time of this writing, the FreeRadius 3.0.x versions have a
problem with REST" and there is no further information about what was that
problem. I'll try to move back to v3.0.x now.
Hmm... the rest module in v3 is fine. Lots of people use it for lots of things.

Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.

Continue reading on narkive:
Loading...