Cope with anonymous outer identities with PKI EAPs by using User-Name attribute in the Access-Accept, if present.

  • 4
  • Idea
  • Updated 5 years ago
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes

Posted 5 years ago

  • 4
Photo of Mike Kouri

Mike Kouri, Official Rep

  • 1030 Posts
  • 271 Reply Likes
Interesting idea, Nick, thanks. I have passed this on to my peers who are responsible for that.
Photo of Sarah Banks

Sarah Banks

  • 75 Posts
  • 4 Reply Likes
Mike is correct - this is an interesting idea, and something that's not done today, but would be possible to do in the future. We'll discuss adding this functionality internally. Thanks for the feedback!
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
Can somebody close this as resolved?

I have just tested in 6.1r1 and returning the User-Name AVP works as expected - the accounting User-Name and the identity shown in HiveManager is correct.

Thanks!
Photo of Amanda

Amanda

  • 396 Posts
  • 25 Reply Likes
Thanks for the update Nick.