Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

For the purpose of VPN access control, it is a common requirement that the RADIUS server sends back return some specific attributes in an Access-Accept request.

The example below demonstrate how to send back return the user's Group ID or Name as a RADIUS attribute: Filter-Id

...

In the field "Maps To:", write groups.id.join(','). If you are in favour of name, you can use groups.name.join(','). Also, check the box "return Response".

Now, add assign Radius attributes to a specified group(or user).

...

What if this user belongs to two groups, for instance aaa and ccc? The result will be Filter-Id=aaa,ccc.

Furthermore, if you only add the attribute on group aaa (not on ccc) and you want to return only return one group name, e.g 'aaa', then use the following syntax.you must assign the attribute on the group 'aaa'  and map the attribute to:

nestedGroups.find{it.radiusAttributes.any{ att-> att.name=='Filter-Id'}}.name