using user-defined attributes and radreply

permalink · #1 (**permalink**) 04-29-2005

This is a multi-part message in MIME format.

------=_NextPart_000_0060_01C54CD8.4D1F21E0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

I am new to freeradius, and i was wondering if anyone could help with a =
basic problem i am having creating user-defined attributes. I have set =
up a dictionary file with the following entries.

=20

ATTRIBUTE myattrib 340 string

ATTRIBUTE myattrib2 341 integer=20

VALUE myattrib2 value0 0

VALUE myattrib2 value1 1

VALUE myattrib2 value2 2

=20

Now im not entirely sure whether this is right. Using the limited =
documentation, it appears that values 340 & 341 are currently unused and =
seem to correct ones to use for the required reply (I have also tried =
other unused values in other free ranges, e.g. 2000 &2001).=20

Now invoking this with the following radreply db entries (postgress), =
using user4 and the correct password and secret key:-

=20

id | username | attribute | op | value=20

----+----------+--------------+----+-------

1 | user4 | myattrib | =3D | hello

3 | user4 | myattrib2 | =3D | 1

2 | user4 | service-type | =3D | 1

=20

Results in a response:-=20

=20

-------------------25/04/2005 14:02:25 Test started =
[MYTASK]-------------------------

=20

Info:Sending Access-Request of id 0 to 10.101.2.5:1812

User-Name =3D "user4"=20

Password =3D "user3"

Info: Access-Accept packet from host 10.101.2.5:1812, id=3D0, =
length=3D26

Service-Type =3D Login-User

=20

--------------------25/04/2005 14:02:25 Test finished =
[MYTASK]-------------------------

=20

That is, only the system defined attribute is returned (login-user), not =
the other two. As a test, if I change 340, 341 to values that are =
already defined by system, say, 245 & 246. Then the response is.

=20

--------------------25/04/2005 11:56:08 Test started =
[MYTASK]-------------------------

=20

Info:Sending Access-Request of id 0 to 10.101.2.5:1812

User-Name =3D "user4"

Password =3D "user3"

Info: Access-Accept packet from host 10.101.2.5:1812, id=3D0, =
length=3D39

X-Ascend-Preempt-Limit =3D 0x68656c6c6f

Service-Type =3D Login-User

X-Ascend-Callback =3D 1

--------------------25/04/2005 11:56:08 Test finished =
[MYTASK]-------------------------

=20

=20

Here you can see three results including, X-Ascend-Preempt-Limit and =
X-Ascend-Callback Corresponding to the duplicate values defined in the =
system dictionary file. As these essentially overwrite my attributes, =
but the service-type entry still works, which suggest that though the db =
is working correctly and my attributes are being read, they are being =
ignored. Thus, what i think must be happening is that either I'm missing =
some part of the configuration indicating the values I use (345 & 346) =
may be used as return values, or the attribute values are not setup =
properly.=20

=20

Does anyone know what im doing wrong? I've looked at all the other =
configuration files nothing is obvious. Any suggestions?

regards,

Arun Mundray.

------=_NextPart_000_0060_01C54CD8.4D1F21E0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2900.2627" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV>
I am new to freeradius, and i was wondering if anyone =
could help=20
with a basic problem i am having creating user-defined =
attributes.  I=20
have set up a dictionary file with the following =
entries.
<FONT=20
face=3D"Times New Roman"> <SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><?xml:namespace =
prefix =3D o=20
ns =3D "urn:schemas-microsoft-com:office:office"=20
/><o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman">ATTRIBUTE myattrib 340=20
string<o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman">ATTRIBUTE myattrib2 341 integer=20
<o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman">VALUE myattrib2 value0 =
0<o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman">VALUE myattrib2 value1 =
1<o:p></o:p>
<FONT=20
face=3D"Times New Roman"><SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt">VALUE myattrib2 =
value2=20
2<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: =
12.0pt"><o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman"> <o:p></o:p>
Now im not entirely sure whether this is right. Using the =
limited=20
documentation, it appears that values 340 & 341 are currently =
unused=20
and seem to correct ones to use for the required reply  (I =
have=20
also tried other unused values in other free ranges, e.g. 2000 =

&2001). 
 
Now invoking this with the following radreply db entries=20
(postgress), using user4 and the correct password and secret =
key:-
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman"> <o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman">  id | username | attribute | op | =
value=20
<o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New =
Roman">----+----------+--------------+----+-------<o:p></o:p></SPA=
N>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman">1 | user4 | myattrib | =3D |=20
hello<o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman">3 | user4 | myattrib2 | =3D |=20
1<o:p></o:p>
<FONT=20
face=3D"Times New Roman"><SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt">2 | user4 | =
service-type | =3D=20
| 1<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: =
12.0pt"><o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 8pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman"> <o:p></o:p>
Results in a response:- 
<FONT=20
face=3D"Times New Roman"> <o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman">-------------------25/04/2005 14:02:25 Test =
started =20
[MYTASK]-------------------------<o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman"> <o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman">Info:Sending Access-Request of id 0 to=20
10.101.2.5:1812<o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman"> User-Name =3D=20
"user4" <o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman">Password =3D =
"user3"<o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman"> Info: Access-Accept packet from host=20
10.101.2.5:1812, id=3D0, length=3D26<o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman">Service-Type =3D=20
Login-User<o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman"> <o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman">--------------------25/04/2005 14:02:25 Test =
finished=20
[MYTASK]-------------------------<o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman"> <o:p></o:p>
That is, only the system defined attribute is returned =
(login-user), not=20
the other two. As a test, if I change 340, 341 to values that are =
already=20
defined by system, say, 245 & 246. Then the response is.
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman"> <o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman">--------------------25/04/2005 11:56:08 Test =
started<SPAN=20
style=3D"mso-spacerun: yes"> =20
[MYTASK]-------------------------<o:p></o:p>=

<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman"> <o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman">Info:Sending Access-Request of id 0 to=20
10.101.2.5:1812<o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman"><SPAN=20
style=3D"mso-tab-count: =
1">       &nbsp ;   &nbs=
p;   =20
User-Name =3D "user4"<o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman"><SPAN=20
style=3D"mso-tab-count: =
1">       &nbsp ;   &nbs=
p;   =20
Password =3D "user3"<o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman">Info: Access-Accept packet from host =
10.101.2.5:1812,=20
id=3D0, length=3D39<o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman"><SPAN=20
style=3D"mso-tab-count: =
1">       &nbsp ;   &nbs=
p;   =20
X-Ascend-Preempt-Limit =3D =
0x68656c6c6f<o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman"><SPAN=20
style=3D"mso-tab-count: =
1">       &nbsp ;   &nbs=
p;   =20
Service-Type =3D Login-User<o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman"><SPAN=20
style=3D"mso-tab-count: =
1">       &nbsp ;   &nbs=
p;   =20
X-Ascend-Callback =3D 1<o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><o:p><FONT=20
face=3D"Times New Roman"></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman">--------------------25/04/2005 11:56:08 Test =
finished=20
[MYTASK]-------------------------<o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman"> <o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman"> <o:p></o:p>
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><FONT=20
face=3D"Times New Roman"><o:p></o:p>
<FONT=20
face=3D"Times New Roman">Here you can see three results =
including,=20
<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: =
12.0pt">X-Ascend-Preempt-Limit<SPAN=20
style=3D"mso-spacerun: yes">  <FONT=20
size=3D3>and<SPAN=20
style=3D"FONT-SIZE: 10pt; mso-bidi-font-size: 12.0pt"><SPAN=20
style=3D"mso-spacerun: yes">  X-Ascend-Callback<SPAN=20
style=3D"mso-spacerun: yes">  Corresponding to=20
the duplicate values defined in the system dictionary file.  As =
these=20
essentially overwrite my attributes, but the service-type entry still =
works,=20
which suggest that though the db is working correctly and my attributes =
are=20
being read, they are being ignored. Thus, what i think must be happening =
is that=20
either I=92m missing some part of the configuration indicating the =
values I use=20
(345 & 346) may be used as return values, or the attribute values =
are not=20
setup properly. 
<FONT=20
face=3D"Times New Roman"> <o:p></o:p>
Does anyone know what im doing wrong? I=92ve looked at all the =
other=20
configuration files nothing is obvious. Any suggestions?
 
regards,
 
Arun Mundray.</DIV></BODY></HTML>

------=_NextPart_000_0060_01C54CD8.4D1F21E0--

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode