| [ < ] | [ > ] | [ << ] | [ Up ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
Auth-Failure-Trigger This attribute specifies an external program or a Scheme expression to be run upon an authentication failure. The handling of this attribute depends upon its value:
If the value of Auth-Failure-Trigger begins with ‘/’, it
is taken to contain a command line for invoking an external
program. In this case radiusd invokes the program much the
same way it does when handling Exec-Program attribute, i.e. the
program is invoked with standard input closed, its standard output and
standard error are captured and redirected to
‘radlog/radius.stderr’ file, the return value of the
program is ignored.
If the value of Auth-Failure-Trigger begins with ‘(’, it
is executed it as a Scheme expression. The return value of the
expression is ignored.
This attribute is designed as a means to provide special handling for authentication failures. It can be used, for example, to increase failure counters and to block accounts after a specified number of authentication failures occurs. See section Controlling Authentication Probes, for the detailed discussion of its usage.
This document was generated by Sergey Poznyakoff on December, 6 2008 using texi2html 1.78.