manpagez: man pages & more
man rlm_realm(5)

man pages By Section Choose... 123456789ln Alphabetically Choose... ABCDEFGHIJKLMNOPQRSTUVWXYZOther

Other versions of rlm_realm Choose... osxs-10.5osx-10.8

Home | html | info | man

rlm_realm(5)                   FreeRADIUS Module                  rlm_realm(5)

NAME

       rlm_realm - FreeRADIUS Module

DESCRIPTION

       The rlm_realm module parses the User-Name attribute into a User section
       and a Realm section.  This is used primarily in a proxy situation, how-
       ever, Realms can also be used locally to provide different service pro-
       files based on the Realm being used.

       The main configuration items to be aware of are:

       format This can be either 'prefix' or 'suffix'.  It  specifies  whether
              the  Realm  is before or after the User portion in the User-Name
              string.

       delimiter
              A single character in quotes, which is used  as  the  delimiting
              character  that  separates  the  Realm  and User sections of the
              string.

       ignore_default
              This is set to either 'yes' or 'no'.  If set to 'yes', this will
              prevent  the  module  instance from matching a realm against the
              DEFAULT entry.  This may be useful if you  have  multiple  realm
              module instances.  The default is 'no'.

       ignore_null
              This is set to either 'yes' or 'no'.  If set to 'yes', this will
              prevent the module instance from matching a  realm  against  the
              NULL  entry.  This may be useful if you have multiple realm mod-
              ule instances.  The default is 'no'.

       This module parses the realm from the User-Name attrbiute according  to
       the instance configuration, and then performs a lookup to find a match-
       ing realm in the '/etc/raddb/proxy.conf' file.  Depending on  the  con-
       figuration  of  the  Realm  as matched in the file, the username may be
       rewritten in a 'stripped' format, or with the  Realm  portion  removed.
       In either case, a Realm attribute is created and added to the packet on
       a match, which can be used by other modules.

CONFIGURATION

              modules {
                ... stuff here ...
                # useranme@realm syntax
                realm suffix {
                  format = suffix
                  delimiter = "@"
                }
                 # realm/username syntax
                 realm prefix {
                  format = prefix
                  delimiter = "/"
                }
                ... stuff here ...
              }

SECTIONS

       authorization, pre-accounting

FILES

       /etc/raddb/radiusd.conf, /etc/raddb/proxy.conf

SEE ALSO

       radiusd(8), radiusd.conf(5), proxy.conf(5)

AUTHORS

       Chris Parker, cparker@segv.org



                                 14 March 2004                    rlm_realm(5)

---

Mac OS X 10.6Server - Generated Thu Apr 15 07:12:19 CDT 2010

© manpagez.com 2000-2025
Individual documents may contain additional copyright information.