Forum Discussion
karthik_sriniva
Nimbostratus
NimbostratusMultiple Auth
Hi,
Can someone post an example on how to do multiple authentication.
For example, first one could be radius auth and the next one could be ldap authentication.
Thank...
rule twoauth {
when CLIENT_ACCEPTED {
set ldap_authed 0
set radius_authed 0
}
when HTTP_REQUEST {
set username [HTTP::username]
set password [HTTP::password]
set asid_ldap [AUTH::start pam default_ldap]
set asid_radius [AUTH::start pam default_radius]
AUTH::username_credential $asid_ldap $username
AUTH::password_credential $asid_ldap $password
AUTH::authenticate $asid_ldap
AUTH::username_credential $asid_radius $username
AUTH::password_credential $asid_radius $password
AUTH::authenticate $asid_radius
HTTP::collect
}
when AUTH_SUCCESS {
if {$asid_ldap eq [AUTH::last_event_session_id]} {
set ldap_authed 1
}
if {$asid_radius eq [AUTH::last_event_session_id]} {
set radius_authed 1
}
if {$radius_authed == 1 && $ldap_authed == 1} {
HTTP::release
}
}
when AUTH_FAILURE {
if {$asid_ldap eq [AUTH::last_event_session_id] ||
$asid_radius eq [AUTH::last_event_session_id]} {
HTTP::respond 401
}
}
when AUTH_WANTCREDENTIAL {
if {$asid_ldap eq [AUTH::last_event_session_id] ||
$asid_radius eq [AUTH::last_event_session_id]} {
HTTP::respond 401
}
}
when AUTH_ERROR {
if {$asid_ldap eq [AUTH::last_event_session_id] ||
$asid_radius eq [AUTH::last_event_session_id]} {
HTTP::respond 401
}
}
}
