[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Help-gnu-radius] Manipulating realm info
From: |
Charles Sprickman |
Subject: |
[Help-gnu-radius] Manipulating realm info |
Date: |
Tue, 13 Apr 2004 18:38:25 -0400 (EDT) |
Hi,
I'm lucky(??) enough to be in the middle of redesigning how we are
authenticating *everything*, so please bear with me as I wander into the
radius section of things...
We will essentially have two large groups of users:
-those that have simple personal "address@hidden" accounts. This is under
control; they can hit various services locally with either just "username"
or "address@hidden" and authenticate. This also works well with
outsourced dial and news, as the "@bway.net" signifies to the remote end
that they need to auth via radius to us.
-those that have "domain" accounts, ie "address@hidden" type
accounts. Again, locally this is complete. These people can
pop/imap/smtp-auth/ftp with a full email-style username.
This is where radius gets complicated. Obviously if they hit an
outsourced dialup number with that type of username, the remote radius
server isn't going to know where to send that auth request. So I'm trying
to think of a clever way to do this. One thought is to have them login
with a different seperator in the username, ie:
"address@hidden".
If I go that route, is it possible to split the username portion at the
"%" and pass those two tokens to my sql query for authentication? If
someone could give me a shove in the right direction, or some rough
example, that would be very helpful.
Thanks,
Charles
___
Charles Sprickman
NetEng/SysAdmin
Bway.net - New York's Best Internet - www.bway.net
address@hidden - 212.655.9344
- [Help-gnu-radius] Manipulating realm info,
Charles Sprickman <=