You can change the User-Name attribute in each request by using
RewriteUsername configuration parameters globally and
in different clauses. This allows you to apply separate rewriting rules to
the User-Name. In case there are several clauses with
RewriteUsername parameters, rewriting rules for a
request are executed in the following order:
- Globally when received by Radiator. This occurs prior to other
rewrites.
- Within a
<Client>,
<ServerRADSEC> or
<ServerTACACSPLUS> clause depending on how
the request was received.
- When handled by a
<Handler> or
<Realm> depending on which clause is
selected.
- When handled by an
<AuthBy GROUP> clause.
This occurs before any of the <AuthBy>
clauses in the group are called.
The parameter is a Perl substitution regular expression that is applied
to the User-Name attribute in the request. If you do not know how to write
Perl substitution regexps, you should consult a Perl programmer. At Trace
level 4, you can see the result of each separate rewrite for debugging
purposes.
You can have any number of RewriteUsername
parameters. The rewrites are applied to the username in the same order
that they appear in the configuration file.
Here are some example of using this feature in a variety of
circumstances:
- Strip the realm name from the username. This is handy if your user
database contains only the usernames without the realm extension, for
example,
fred instead of
fred@yourdomain.com.
# Strip realm
RewriteUsername s/^([^@]+).*/$1/
- Convert Microsoft or other style usernames from domain\user to the
user@realm form that Radiator uses. Note that
regexps need to quote some characters. For example @ needs to be quoted
with backslash \:
# Convert a MSN realm/user into user@realm
RewriteUsername s/^(.*)\/(.*)/$2\@$1/
- Force all usernames to be lower case or upper case:
# Translate all uppercase to lowercase
RewriteUsername tr/A-Z/a-z/
- Remove any white spaces from the username:
RewriteUsername s/\s+//g
- Convert all
<user>@realm1 to
<user>@realm2:
RewriteUsername s/^([^@]+)\@realm1/$1\@realm2/
- Change any
mikem username to
fred:
RewriteUsername s/^mikem\@/fred\@/
Table of contents: Radiator® AAA Server
7 - Check and reply items
9 - File formats