Using RADIUS with multiple proxy sources
From: Jonathan Keffer (jkeffer@mail.jwk.lawrence.ks.us)Date: 08/07/02
- Next message: MaryAnne: "Re: CISSP"
- Previous message: Splatter: "Re: CISSP Certification?"
- Next in thread: Marcus Williamson: "Re: Using RADIUS with multiple proxy sources"
- Reply: Marcus Williamson: "Re: Using RADIUS with multiple proxy sources"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: jkeffer@mail.jwk.lawrence.ks.us (Jonathan Keffer) Date: 7 Aug 2002 10:58:20 -0700
I'm interested in best practices or past experiences setting up RADIUS
to use multiple proxy sources.
In particular, I want some of my users to have to use token based
authentication and others to only be required to use a simple user ID
and password.
I can set up a RADIUS server to proxy the login request to a token
system like ACE. I can also configure a RADIUS server to proxy the
login request to my LDAP database or to a standalone userID/password
database.
However, if I do both, the RADIUS server will allow a user access to
the system if they have EITHER account type.
To resolve this, I could append a proxy identifer to the end of the
user ID to force the RADIUS server to choose a particular proxy
source. Again, the user could simply choose to enter a different
proxy identifer and route his/her request to the least secure proxy
source.
I'm particularly interested in how this problem has been addressed in
the past.
- Next message: MaryAnne: "Re: CISSP"
- Previous message: Splatter: "Re: CISSP Certification?"
- Next in thread: Marcus Williamson: "Re: Using RADIUS with multiple proxy sources"
- Reply: Marcus Williamson: "Re: Using RADIUS with multiple proxy sources"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
