bionic (5) rlm_realm.5.gz

Provided by: freeradius-common_3.0.16+dfsg-1ubuntu3.2_all bug

NAME

       rlm_realm - FreeRADIUS Module

DESCRIPTION

       The  rlm_realm  module  parses  the User-Name attribute into a User section and a Realm section.  This is
       used primarily in a proxy situation, however, Realms can  also  be  used  locally  to  provide  different
       service profiles based on the Realm being used.

       The main configuration items to be aware of are:

       format This  can  be  either 'prefix' or 'suffix'.  It specifies whether the Realm is before or after the
              User portion in the User-Name string.

       delimiter
              A single character in quotes, which is used as the delimiting character that separates  the  Realm
              and User sections of the string.

       ignore_default
              This  is set to either 'yes' or 'no'.  If set to 'yes', this will prevent the module instance from
              matching a realm against the DEFAULT entry.  This may be useful if you have multiple realm  module
              instances.  The default is 'no'.

       ignore_null
              This  is set to either 'yes' or 'no'.  If set to 'yes', this will prevent the module instance from
              matching a realm against the NULL entry.  This may be useful if you  have  multiple  realm  module
              instances.  The default is 'no'.

       This  module  parses  the realm from the User-Name attrbiute according to the instance configuration, and
       then performs a lookup to find a matching realm in the '/etc/freeradius/3.0/proxy.conf' file.   Depending
       on  the  configuration of the Realm as matched in the file, the username may be rewritten in a 'stripped'
       format, or with the Realm portion removed.  In either case, a Realm attribute is created and added to the
       packet on a match, which can be used by other modules.

CONFIGURATION

       modules {
         ... stuff here ...
         # useranme@realm syntax
         realm suffix {
           format = suffix
           delimiter = "@"
         }
          # realm/username syntax
          realm prefix {
           format = prefix
           delimiter = "/"
         }
         ... stuff here ...
       }

SECTIONS

       authorization, pre-accounting

FILES

       /etc/freeradius/3.0/radiusd.conf, /etc/freeradius/3.0/proxy.conf

SEE ALSO

       radiusd(8), radiusd.conf(5), proxy.conf(5)

AUTHORS

       Chris Parker, cparker@segv.org

                                                  14 March 2004                                     rlm_realm(5)