CODEWITHSUNDEEP
phpmysqldatabaseradiusfreeradius
MemUya
MemUya

Reputation: 347

FreeRADIUS - Delete user from database when session has expired

I am using FreeRADIUS along with MySQL to authenticate users.

Users are saved in the radcheck table. User attributes are saved in the radreply table.

For example I have a user named Bob in the radcheck table.

username | attribute           | op | value
------------------------------------------------
Bob      | Cleartext-Password  | := | password12

Bob has a Session-Timeout value of 60 (1 minute) in the radreply table.

username | attribute       | op | value
------------------------------------------------
Bob      | Session-Timeout | := | 60
Bob      | Idle-Timeout    | := | 60

This all works fine. My problem is that RADIUS just re-authenticates Bob straight away. I assume this is because Bob still exists in the radcheck table.

Is there a way to remove Bob from the radcheck and radreply tables after the Session-Timeout time has been reached?

Upvotes: 0

Views: 2822

Answers (2)

user11297254
user11297254

Reputation: 1

It's correct behavior of radius. If bob is auth well, session times out in 60 seconds. Idle timeout is not nessessary if <= session-timeout. You have to count something to a maximum you have set and then change access from accept to reject. Next time session-timeout reached bob can not reauth

Upvotes: 0

Prathmesh
Prathmesh

Reputation: 191

You can write a custom login using Perl/PHP script in postacctsql using Perl/PHP module in Freeradius. postacctsql will give you the user who is session timeout and then you can write a custom script to delete a record from Mysql DB. You can find many examples of such scrip on google.

Upvotes: 1

Related Questions