1rlm_realm(5)                   FreeRADIUS Module                  rlm_realm(5)
2
3
4

NAME

6       rlm_realm - FreeRADIUS Module
7

DESCRIPTION

9       The rlm_realm module parses the User-Name attribute into a User section
10       and a Realm section.  This is used primarily in a proxy situation, how‐
11       ever, Realms can also be used locally to provide different service pro‐
12       files based on the Realm being used.
13
14       The main configuration items to be aware of are:
15
16       format This can be either 'prefix' or 'suffix'.  It  specifies  whether
17              the  Realm  is before or after the User portion in the User-Name
18              string.
19
20       delimiter
21              A single character in quotes, which is used  as  the  delimiting
22              character  that  separates  the  Realm  and User sections of the
23              string.
24
25       ignore_default
26              This is set to either 'yes' or 'no'.  If set to 'yes', this will
27              prevent  the  module  instance from matching a realm against the
28              DEFAULT entry.  This may be useful if you  have  multiple  realm
29              module instances.  The default is 'no'.
30
31       ignore_null
32              This is set to either 'yes' or 'no'.  If set to 'yes', this will
33              prevent the module instance from matching a  realm  against  the
34              NULL  entry.  This may be useful if you have multiple realm mod‐
35              ule instances.  The default is 'no'.
36
37       This module parses the realm from the User-Name attrbiute according  to
38       the instance configuration, and then performs a lookup to find a match‐
39       ing realm in the '/etc/raddb/proxy.conf' file.  Depending on  the  con‐
40       figuration  of  the  Realm  as matched in the file, the username may be
41       rewritten in a 'stripped' format, or with the  Realm  portion  removed.
42       In either case, a Realm attribute is created and added to the packet on
43       a match, which can be used by other modules.
44

CONFIGURATION

46       modules {
47         ... stuff here ...
48         # useranme@realm syntax
49         realm suffix {
50           format = suffix
51           delimiter = "@"
52         }
53          # realm/username syntax
54          realm prefix {
55           format = prefix
56           delimiter = "/"
57         }
58         ... stuff here ...
59       }
60

SECTIONS

62       authorization, pre-accounting
63

FILES

65       /etc/raddb/radiusd.conf, /etc/raddb/proxy.conf
66

SEE ALSO

68       radiusd(8), radiusd.conf(5), proxy.conf(5)
69

AUTHORS

71       Chris Parker, cparker@segv.org
72
73
74
75                                 14 March 2004                    rlm_realm(5)
Impressum