[Chilli] Forcing chilli to recheck RADIUS

Rob Campbell kg6hum at gmail.com
Wed May 19 17:38:58 UTC 2010


Ok.  I tried both the macreauth URL and the --macreauth command line
option.  The problem I am having is that the user is still redirected
to the splash and login pages.  It looks like it checks RADIUS, but
doesn't wait for the reply and does the redirect.  On the second
request it sees that they are authorized and then allows them through.
 Being redirected back to the login page after they had already
completed it would be confusing to the users.  Is there a way around
this?

If the splash page had a way to know they had been authorized, then it
could redirect to userurl instead of loginurl.  The splash pages gets
res=notyet though, so I don't see any way for it to know they were
authorized during the redirect.

--
Rob Campbell

On Tue, May 18, 2010 at 9:35 PM, David Bird <david at coova.com> wrote:
> You can send the user (via browser) to the chilli URL
> http://uamip:uamport/macreauth to have it kick off a new MAC
> authentication.
>
> On Tue, 2010-05-18 at 13:15 -0700, Rob Campbell wrote:
>> Hello,
>>
>> I am getting close to having chilli working, but I have run into a bit
>> of a problem.  I need to be able to force chilli to re-authenticate
>> against RADIUS when an update is made.  I know I can do a chilli_query
>> logout, but I would like to be able to do it automatically without
>> having to login to the server.
>>
>> I tried sending RADIUS Disconnect requests.  If the user is already
>> authorized a disconnect will work, but if they are still in the dnat
>> state I cannot disconnect them.  It looks like a CoA would have the
>> same problem.
>>
>> Is there any other way to do this?
>> Thank you.
>>
>> --
>> Rob Campbell
>> _______________________________________________
>> Chilli mailing list
>> Chilli at coova.org
>> http://lists.coova.org/cgi-bin/mailman/listinfo/chilli
>
>
>


More information about the Chilli mailing list