unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (Debian-5.0)
Page:
Section:
Apropos / Subsearch:
optional field

rlm_realm(5)                   FreeRADIUS Module                  rlm_realm(5)



NAME
       rlm_realm - FreeRADIUS Module

DESCRIPTION
       The rlm_realm module parses the User-Name attribute into a User section
       and a Realm section.  This is used primarily in a proxy situation, how-
       ever, Realms can also be used locally to provide different service pro-
       files based on the Realm being used.

       The main configuration items to be aware of are:

       format This can be either 'prefix' or 'suffix'.  It  specifies  whether
              the  Realm  is before or after the User portion in the User-Name
              string.

       delimiter
              A single character in quotes, which is used  as  the  delimiting
              character  that  separates  the  Realm  and User sections of the
              string.

       ignore_default
              This is set to either 'yes' or 'no'.  If set to 'yes', this will
              prevent  the  module  instance from matching a realm against the
              DEFAULT entry.  This may be useful if you  have  multiple  realm
              module instances.  The default is 'no'.

       ignore_null
              This is set to either 'yes' or 'no'.  If set to 'yes', this will
              prevent the module instance from matching a  realm  against  the
              NULL  entry.  This may be useful if you have multiple realm mod-
              ule instances.  The default is 'no'.

       This module parses the realm from the User-Name attrbiute according  to
       the instance configuration, and then performs a lookup to find a match-
       ing realm in the '/etc/raddb/proxy.conf' file.  Depending on  the  con-
       figuration  of  the  Realm  as matched in the file, the username may be
       rewritten in a 'stripped' format, or with the  Realm  portion  removed.
       In either case, a Realm attribute is created and added to the packet on
       a match, which can be used by other modules.

CONFIGURATION
       modules {
         ... stuff here ...
         # useranme@realm syntax
         realm suffix {
           format = suffix
           delimiter = "@"
         }
          # realm/username syntax
          realm prefix {
           format = prefix
           delimiter = "/"
         }
         ... stuff here ...
       }

SECTIONS
       authorization, pre-accounting

FILES
       /etc/raddb/radiusd.conf, /etc/raddb/proxy.conf

SEE ALSO
       radiusd(8), radiusd.conf(5), proxy.conf(5)

AUTHORS
       Chris Parker, cparkerATsegv.org



                                 14 March 2004                    rlm_realm(5)