| 4 |
- |
1 |
# -*- text -*-
|
|
|
2 |
#
|
| 34 |
- |
3 |
# $Id: ed26e571e8f0bcf3bf586ceb16d0cdff182f5017 $
|
| 4 |
- |
4 |
|
|
|
5 |
# A simple value checking module
|
|
|
6 |
#
|
|
|
7 |
# As of 2.0, much of the functionality of this module is in "unlang".
|
|
|
8 |
# You should probably investigate using that before trying to use
|
|
|
9 |
# the "checkval" module.
|
|
|
10 |
#
|
|
|
11 |
# It can be used to check if an attribute value in the request
|
|
|
12 |
# matches a (possibly multi valued) attribute in the check
|
|
|
13 |
# items This can be used for example for caller-id
|
|
|
14 |
# authentication. For the module to run, both the request
|
|
|
15 |
# attribute and the check items attribute must exist
|
|
|
16 |
#
|
|
|
17 |
# i.e.
|
|
|
18 |
# A user has an ldap entry with 2 radiusCallingStationId
|
|
|
19 |
# attributes with values "12345678" and "12345679". If we
|
|
|
20 |
# enable rlm_checkval, then any request which contains a
|
|
|
21 |
# Calling-Station-Id with one of those two values will be
|
|
|
22 |
# accepted. Requests with other values for
|
|
|
23 |
# Calling-Station-Id will be rejected.
|
|
|
24 |
#
|
|
|
25 |
# Regular expressions in the check attribute value are allowed
|
|
|
26 |
# as long as the operator is '=~'
|
|
|
27 |
#
|
|
|
28 |
checkval {
|
|
|
29 |
# The attribute to look for in the request
|
|
|
30 |
item-name = Calling-Station-Id
|
|
|
31 |
|
|
|
32 |
# The attribute to look for in check items. Can be multi valued
|
|
|
33 |
check-name = Calling-Station-Id
|
|
|
34 |
|
|
|
35 |
# The data type. Can be
|
|
|
36 |
# string,integer,ipaddr,date,abinary,octets
|
|
|
37 |
data-type = string
|
|
|
38 |
|
|
|
39 |
# If set to yes and we dont find the item-name attribute in the
|
|
|
40 |
# request then we send back a reject
|
|
|
41 |
# DEFAULT is no
|
|
|
42 |
#notfound-reject = no
|
|
|
43 |
}
|
|
|
44 |
|