1rlm_realm(5) FreeRADIUS Module rlm_realm(5)
2
3
4
6 rlm_realm - FreeRADIUS Module
7
9 The rlm_realm module parses the User-Name attribute into a User section
10 and a Realm section. This is used primarily in a proxy situation, how‐
11 ever, Realms can also be used locally to provide different service pro‐
12 files based on the Realm being used.
13
14 The main configuration items to be aware of are:
15
16 format This can be either 'prefix' or 'suffix'. It specifies whether
17 the Realm is before or after the User portion in the User-Name
18 string.
19
20 delimiter
21 A single character in quotes, which is used as the delimiting
22 character that separates the Realm and User sections of the
23 string.
24
25 ignore_default
26 This is set to either 'yes' or 'no'. If set to 'yes', this will
27 prevent the module instance from matching a realm against the
28 DEFAULT entry. This may be useful if you have multiple realm
29 module instances. The default is 'no'.
30
31 ignore_null
32 This is set to either 'yes' or 'no'. If set to 'yes', this will
33 prevent the module instance from matching a realm against the
34 NULL entry. This may be useful if you have multiple realm mod‐
35 ule instances. The default is 'no'.
36
37 This module parses the realm from the User-Name attrbiute according to
38 the instance configuration, and then performs a lookup to find a match‐
39 ing realm in the '/etc/raddb/proxy.conf' file. Depending on the con‐
40 figuration of the Realm as matched in the file, the username may be
41 rewritten in a 'stripped' format, or with the Realm portion removed.
42 In either case, a Realm attribute is created and added to the packet on
43 a match, which can be used by other modules.
44
46 modules {
47 ... stuff here ...
48 # useranme@realm syntax
49 realm suffix {
50 format = suffix
51 delimiter = "@"
52 }
53 # realm/username syntax
54 realm prefix {
55 format = prefix
56 delimiter = "/"
57 }
58 ... stuff here ...
59 }
60
62 authorization, pre-accounting
63
65 /etc/raddb/radiusd.conf, /etc/raddb/proxy.conf
66
68 radiusd(8), radiusd.conf(5), proxy.conf(5)
69
71 Chris Parker, cparker@segv.org
72
73
74
75 14 March 2004 rlm_realm(5)