Man Linux: Main Page and Category List

NAME

       rlm_realm - FreeRADIUS Module

DESCRIPTION

       The rlm_realm module parses the User-Name attribute into a User section
       and a Realm section.  This is used  primarily  in  a  proxy  situation,
       however,  Realms  can also be used locally to provide different service
       profiles based on the Realm being used.

       The main configuration items to be aware of are:

       format This can be either ’prefix’ or ’suffix’.  It  specifies  whether
              the  Realm  is before or after the User portion in the User-Name
              string.

       delimiter
              A single character in quotes, which is used  as  the  delimiting
              character  that  separates  the  Realm  and User sections of the
              string.

       ignore_default
              This is set to either ’yes’ or ’no’.  If set to ’yes’, this will
              prevent  the  module  instance from matching a realm against the
              DEFAULT entry.  This may be useful if you  have  multiple  realm
              module instances.  The default is ’no’.

       ignore_null
              This is set to either ’yes’ or ’no’.  If set to ’yes’, this will
              prevent the module instance from matching a  realm  against  the
              NULL  entry.   This  may  be  useful  if you have multiple realm
              module instances.  The default is ’no’.

       This module parses the realm from the User-Name attrbiute according  to
       the  instance  configuration,  and  then  performs  a  lookup to find a
       matching realm in the ’/etc/raddb/proxy.conf’ file.  Depending  on  the
       configuration  of the Realm as matched in the file, the username may be
       rewritten in a ’stripped’ format, or with the  Realm  portion  removed.
       In either case, a Realm attribute is created and added to the packet on
       a match, which can be used by other modules.

CONFIGURATION

              modules {
                ... stuff here ...
                # useranme@realm syntax
                realm suffix {
                  format = suffix
                  delimiter = "@"
                }
                 # realm/username syntax
                 realm prefix {
                  format = prefix
                  delimiter = "/"
                }
                ... stuff here ...
              }

SECTIONS

       authorization, pre-accounting

FILES

       /etc/raddb/radiusd.conf, /etc/raddb/proxy.conf

SEE ALSO

       radiusd(8), radiusd.conf(5), proxy.conf(5)

AUTHORS

       Chris Parker, cparker@segv.org

                                 14 March 2004                    rlm_realm(5)