- # Safe characters list for sql queries. Everything else is replaced
- # with their mime-encoded equivalents.
- # The default list should be ok
-# safe-characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
-
- #######################################################################
- # Query config: Username
- #######################################################################
- # This is the username that will get substituted, escaped, and added
- # as attribute 'SQL-User-Name'. '%{SQL-User-Name}' should be used
- # below everywhere a username substitution is needed so you you can
- # be sure the username passed from the client is escaped properly.
- #
- # Uncomment the next line, if you want the sql_user_name to mean:
- #
- # Use Stripped-User-Name, if it's there.
- # Else use User-Name, if it's there,
- # Else use hard-coded string "none" as the user name.
- #
- #sql_user_name = "%{%{Stripped-User-Name}:-%{%{User-Name}:-none}}"
- #
- sql_user_name = "%{User-Name}"
-
- #######################################################################
- # Default profile
- #######################################################################
- # This is the default profile. It is found in SQL by group membership.
- # That means that this profile must be a member of at least one group
- # which will contain the corresponding check and reply items.
- # This profile will be queried in the authorize section for every user.
- # The point is to assign all users a default profile without having to
- # manually add each one to a group that will contain the profile.
- # The SQL module will also honor the User-Profile attribute. This
- # attribute can be set anywhere in the authorize section (ie the users
- # file). It is found exactly as the default profile is found.
- # If it is set then it will *overwrite* the default profile setting.
- # The idea is to select profiles based on checks on the incoming
- # packets, not on user group membership. For example:
- # -- users file --
- # DEFAULT Service-Type == Outbound-User, User-Profile := "outbound"
- # DEFAULT Service-Type == Framed-User, User-Profile := "framed"
- #
- # By default the default_user_profile is not set
- #
-# default_user_profile = "DEFAULT"
+#######################################################################
+# Default profile
+#######################################################################
+# This is the default profile. It is found in SQL by group membership.
+# That means that this profile must be a member of at least one group
+# which will contain the corresponding check and reply items.
+# This profile will be queried in the authorize section for every user.
+# The point is to assign all users a default profile without having to
+# manually add each one to a group that will contain the profile.
+# The SQL module will also honor the User-Profile attribute. This
+# attribute can be set anywhere in the authorize section (ie the users
+# file). It is found exactly as the default profile is found.
+# If it is set then it will *overwrite* the default profile setting.
+# The idea is to select profiles based on checks on the incoming
+# packets, not on user group membership. For example:
+# -- users file --
+# DEFAULT Service-Type == Outbound-User, User-Profile := "outbound"
+# DEFAULT Service-Type == Framed-User, User-Profile := "framed"
+#
+# By default the default_user_profile is not set
+#
+# default_user_profile = "DEFAULT"