# $Id$
#
-# Write Moonshot-*-TargetedId to the database.
+# Write Moonshot-*-TargetedId (MSTID) to the database.
#
# Schema raddb/sql/moonshot-targeted-ids/<DB>/schema.sql
# Queries raddb/sql/moonshot-targeted-ids/<DB>/queries.conf
# The sub-module to use to execute queries. This should match
# the database you're attempting to connect to.
#
- # There are CUI queries available for:
+ # There are MSTID queries available for:
# * rlm_sql_mysql
# * rlm_sql_postgresql
# * rlm_sql_sqlite
bootstrap = ${modconfdir}/${..:name}/moonshot-targeted-ids/sqlite/schema.sql
}
- # Write CUI queries to a logfile. Useful for debugging.
-# logfile = ${logdir}/cuilog.sql
+ # Write MSTID queries to a logfile. Useful for debugging.
+# logfile = ${logdir}/moonshot-targeted-id-log.sql
pool {
start = 5
idle_timeout = 60
}
- moonshot_tid_table = "moonshot-targeted-ids"
+ # If you adjust the table name here, you must also modify the table name in
+ # the moonshot_get_targeted_id.post-auth policy in policy.d/moonshot-targeted-ids
+ # and the schema.sql files in the mods-config/sql/moonshot-targeted-ids tree.
+ #
+ moonshot_tid_table = "moonshot_targeted_ids"
sql_user_name = "%{User-Name}"
$INCLUDE ${modconfdir}/${.:name}/moonshot-targeted-ids/${dialect}/queries.conf
--- /dev/null
+# -*- text -*-
+#
+# moonshot-targeted-ids/mysql/queries.conf -- Queries to update a MySQL Moonshot-Targeted-Ids table.
+#
+# $Id$
+
+post-auth {
+ # Query to store the Moonshot-*-TargetedId
+ query = "\
+ INSERT IGNORE INTO ${..moonshot_tid_table} \
+ (gss_acceptor, namespace, username, targeted_id) \
+ VALUES \
+ ('%{control:Moonshot-MSTID-GSS-Acceptor}', '%{control:Moonshot-MSTID-Namespace}', \
+ '%{tolower:%{User-Name}}', '%{control:Moonshot-MSTID-TargetedId}')"
+}
--- /dev/null
+CREATE TABLE `moonshot_targeted_ids` (
+ `gss_acceptor` varchar(254) NOT NULL default '',
+ `namespace` varchar(36) NOT NULL default '',
+ `username` varchar(64) NOT NULL default '',
+ `targeted_id` varchar(128) NOT NULL default '',
+ `creationdate` timestamp NOT NULL default CURRENT_TIMESTAMP,
+ PRIMARY KEY (`username`,`gss_acceptor`,`namespace`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
--- /dev/null
+# -*- text -*-
+#
+# moonshot-targeted-ids/postgresql/queries.conf -- Queries to update a PostgreSQL Moonshot-*-Targeted-Ids table.
+#
+# $Id$
+
+post-auth {
+ # Query to store the Moonshot-*-TargetedId
+ query = "\
+ INSERT INTO ${..moonshot_tid_table} \
+ (gss_acceptor, namespace, username, targeted_id) \
+ VALUES \
+ ('%{control:Moonshot-MSTID-GSS-Acceptor}', '%{control:Moonshot-MSTID-Namespace}', \
+ '%{tolower:%{User-Name}}', '%{control:Moonshot-MSTID-TargetedId}')"
+}
--- /dev/null
+CREATE TABLE moonshot_targeted_ids (
+ gss_acceptor varchar(254) NOT NULL DEFAULT '',
+ namespace varchar(36) NOT NULL DEFAULT '',
+ username varchar(64) NOT NULL DEFAULT '',
+ targeted_id varchar(128) NOT NULL DEFAULT '',
+ creationdate TIMESTAMP with time zone NOT NULL default 'now()',
+ PRIMARY KEY (username, gss_acceptor, namespace)
+);
post-auth {
# Query to store the Moonshot-*-TargetedId
query = "\
- INSERT INTO `${..moonshot_tid_table}` \
+ INSERT INTO ${..moonshot_tid_table} \
(gss_acceptor, namespace, username, targeted_id) \
VALUES \
('%{control:Moonshot-MSTID-GSS-Acceptor}', '%{control:Moonshot-MSTID-Namespace}', \
-CREATE TABLE `moonshot-targeted-ids` (
+CREATE TABLE `moonshot_targeted_ids` (
`gss_acceptor` varchar(254) NOT NULL default '',
`namespace` varchar(36) NOT NULL default '',
`username` varchar(64) NOT NULL default '',
#
update control {
Moonshot-MSTID-TargetedId := "%{moonshot_tid_sql:\
- SELECT targeted_id FROM `moonshot-targeted-ids` \
+ SELECT targeted_id FROM moonshot_targeted_ids \
WHERE gss_acceptor = '%{control:Moonshot-MSTID-GSS-Acceptor}' \
AND namespace = '%{control:Moonshot-MSTID-Namespace}' \
AND username = '%{tolower:%{User-Name}}'}"