diff options
author | venaas <venaas> | 2007-05-23 08:26:04 +0000 |
---|---|---|
committer | venaas <venaas@e88ac4ed-0b26-0410-9574-a7f39faa03bf> | 2007-05-23 08:26:04 +0000 |
commit | 9eebebe0b40c6456fa974c744c48f07ed2f53f7f (patch) | |
tree | 2ef44c743e733f440c608ea474cf7f388e8d53ba /radsecproxy.conf-example | |
parent | b1cf2a9afe47bfd3872ccaf88b1470080fd84633 (diff) |
now uses regexp for realms including warnings that will be removed later
git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@96 e88ac4ed-0b26-0410-9574-a7f39faa03bf
Diffstat (limited to 'radsecproxy.conf-example')
-rw-r--r-- | radsecproxy.conf-example | 19 |
1 files changed, 11 insertions, 8 deletions
diff --git a/radsecproxy.conf-example b/radsecproxy.conf-example index 62d5836..6e1c055 100644 --- a/radsecproxy.conf-example +++ b/radsecproxy.conf-example @@ -33,6 +33,13 @@ TLSCertificateKeyPassword follow the white rabbit #also the lines above may be in any order, except that a realm #can only be configured to use a server that is previously configured. +#Also note that case insensitive regexp is used for realms, matching +#the entire username string. The matching is done in the order the +#realms are specified, using the first match found. Some examples are +#"@example\.com$", "\.com$", ".*" and "[a-z].*@example\.com$". +#To treat local users separately you might try first specifying "@" +#and after that ".*". + client 2001:db8::1 { type tls secret verysecret @@ -50,7 +57,7 @@ server 127.0.0.1 { type UDP secret secret } -realm eduroam.cc { +realm @eduroam\.cc$ { server 127.0.0.1 } @@ -64,16 +71,12 @@ server radius.example.com { secret verysecret } -realm example.com { +realm @example\.com$ { server 2001:db8::1 } -realm com { +realm \.com$ { server 2001:db8::1 } -# Matching of realms is done in the order specified. -# Except * which is a catch all that is used as a last resort -# The matching is going to be changed to be regexp of the -# entire username value -realm * { +realm .* { server radius.example.com } |