Radius strategy for Opauth
This package is auto-updated.
Last update: 2021-10-04 17:14:46 UTC
Opauth strategy for Radius authentication.
Opauth is a multi-provider authentication framework for PHP.
cd path_to_opauth/Strategy git clone git://github.com/flexcoders/opauth-radius.git radius
Configure Opauth-Radius strategy.
Since this is not an HTTP based protocol, some of the standard Opauth config does not apply. There is no redirection involved, and a username and password needs to be passed.
You call it like so:
// some input vars $providerName = "Radius"; // prep a config $config = [ 'provider' => $providerName, 'username' => $_POST['username'], 'password' => $_POST['password'], 'request_uri' => '/current/uri/'.strtolower($providerName), 'callback_url' => '/your/uri/for/callback/'.strtolower($providerName), ]; // construct the Opauth object $this->opauth = new \Opauth($config, true);
It will attempt a Radius login, and then redirect to the callback url, just like with all other Opauth strategies, and with a similar response.
<?php 'Radius' => array( 'server' => '127.0.0.1', 'secret' => 'testing123', 'port' => 1812, 'acctport' => 1813, 'nasip' => '188.8.131.52', 'level' => 10, 'higher' => 6, 'lower' => 2, 'expiry' => 86400, )
Support for Cisco's AVPair "shell:priv-lvl":
Altough not strictly part of the authentication process, this library has support for Cisco's shell privilege level, as used in a lot of large organisations to allow different levels of administrator access.
It allows you to define a threshold
level. If the privilege level is greater or equal then
the value defined, the
higher value will be returned in $this->auth['info']['group_id'],
and if the level is lower, the
lower value will be returned.
This will allow an Opauth implementation to create user accounts that immediately be used when the user logs in for the first time because the required set of permissions within the application is already known.
Opauth-Radius is MIT Licensed Copyright © 2015 FlexCoders Ltd (http://flexcoders.co.uk)