Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit6b76f1b

Browse files
committed
Support multiple RADIUS servers
This changes all the RADIUS related parameters (radiusserver,radiussecret, radiusport, radiusidentifier) to be plural and to accept acomma separated list of servers, which will be tried in order.Reviewed by Adam Brightwell
1 parentc137c68 commit6b76f1b

File tree

4 files changed

+339
-123
lines changed

4 files changed

+339
-123
lines changed

‎doc/src/sgml/client-auth.sgml

Lines changed: 19 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1621,24 +1621,36 @@ host ... ldap ldapurl="ldap://ldap.example.net/dc=example,dc=net?uid?sub"
16211621
<literal>Access Reject</>. There is no support for RADIUS accounting.
16221622
</para>
16231623

1624+
<para>
1625+
Multiple RADIUS servers can be specified, in which case they will
1626+
be tried sequentially. If a negative response is received from
1627+
a server, the authentication will fail. If no response is received,
1628+
the next server in the list will be tried. To specify multiple
1629+
servers, put the names within quotes and separate the server names
1630+
with a comma. If multiple servers are specified, all other RADIUS
1631+
options can also be given as a comma separate list, to apply
1632+
individual values to each server. They can also be specified as
1633+
a single value, in which case this value will apply to all servers.
1634+
</para>
1635+
16241636
<para>
16251637
The following configuration options are supported for RADIUS:
16261638
<variablelist>
16271639
<varlistentry>
1628-
<term><literal>radiusserver</literal></term>
1640+
<term><literal>radiusservers</literal></term>
16291641
<listitem>
16301642
<para>
1631-
The name or IPaddress of the RADIUSserver to connect to.
1643+
The name or IPaddresses of the RADIUSservers to connect to.
16321644
This parameter is required.
16331645
</para>
16341646
</listitem>
16351647
</varlistentry>
16361648

16371649
<varlistentry>
1638-
<term><literal>radiussecret</literal></term>
1650+
<term><literal>radiussecrets</literal></term>
16391651
<listitem>
16401652
<para>
1641-
The sharedsecret used when talking securely to the RADIUS
1653+
The sharedsecrets used when talking securely to the RADIUS
16421654
server. This must have exactly the same value on the PostgreSQL
16431655
and RADIUS servers. It is recommended that this be a string of
16441656
at least 16 characters. This parameter is required.
@@ -1656,17 +1668,17 @@ host ... ldap ldapurl="ldap://ldap.example.net/dc=example,dc=net?uid?sub"
16561668
</varlistentry>
16571669

16581670
<varlistentry>
1659-
<term><literal>radiusport</literal></term>
1671+
<term><literal>radiusports</literal></term>
16601672
<listitem>
16611673
<para>
1662-
The port number on the RADIUSserver to connect to. If no port
1674+
The port number on the RADIUSservers to connect to. If no port
16631675
is specified, the default port <literal>1812</> will be used.
16641676
</para>
16651677
</listitem>
16661678
</varlistentry>
16671679

16681680
<varlistentry>
1669-
<term><literal>radiusidentifier</literal></term>
1681+
<term><literal>radiusidentifiers</literal></term>
16701682
<listitem>
16711683
<para>
16721684
The string used as <literal>NAS Identifier</> in the RADIUS

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp