Thread: RADIUS secret in file

RADIUS secret in file

From

Magnus Hagander

Date:

15 February 2010, 15:32:28

Attached is the "last step" of the RADIUS authenticaiton as I promised
Stephen - which allows the reading of the RAIDUS secret from a file
instead of hardcoded in pg_hba.conf. One reason being you don't want
the secret in your config file that may be in a shared repository or
such. IIRC Stephen had some other reason, but I'll leave it to him to
fill that in :-)


--
 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/

Attachment

radius_file.patch

Re: RADIUS secret in file

From

Stefan Kaltenbrunner

Date:

15 February 2010, 15:37:36

Magnus Hagander wrote:
> Attached is the "last step" of the RADIUS authenticaiton as I promised
> Stephen - which allows the reading of the RAIDUS secret from a file
> instead of hardcoded in pg_hba.conf. One reason being you don't want
> the secret in your config file that may be in a shared repository or
> such. IIRC Stephen had some other reason, but I'll leave it to him to
> fill that in :-)

Do we really need this in addition to the existing pg_hba.conf @-include 
functionality?


Stefan

Re: RADIUS secret in file

From

Stephen Frost

Date:

15 February 2010, 15:52:24

* Magnus Hagander (magnus@hagander.net) wrote:
> IIRC Stephen had some other reason, but I'll leave it to him to
> fill that in :-)

I was really looking for multi-server support as well, and support
for a config-file format that's commonly used for RADIUS.  I'll
take a whack at doing that this evening.
Thanks,
    Stephen