Junaid Saeed Uppal
9c21307ad3
Two-processor approach:
1. AuthGetPassword: Fetches user password from attributes
2. AuthPAP: Uses *radauth + *pap with *strip:*suffix:*nil converter
to remove null padding from PAP passwords before comparison
Uses ~*req.User-Password{*strip:*suffix:*nil} as recommended by
CGRateS maintainers to fix the null-padding comparison bug.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
127 lines
2.8 KiB
JSON
127 lines
2.8 KiB
JSON
{
|
|
// CGRateS Configuration file
|
|
//
|
|
|
|
"general": {
|
|
"log_level": 7,
|
|
},
|
|
|
|
|
|
"listen": {
|
|
"rpc_json": ":2012", // RPC JSON listening address
|
|
"rpc_gob": ":2013", // RPC GOB listening address
|
|
"http": ":2080", // HTTP listening address
|
|
},
|
|
|
|
"data_db": {
|
|
"db_type": "redis",
|
|
"db_port": 6379,
|
|
"db_name": "10",
|
|
},
|
|
|
|
"stor_db": { // database used to store offline tariff plans and CDRs
|
|
"db_password": "CGRateS.org", // password to use when connecting to stordb
|
|
},
|
|
"filters": {
|
|
"apiers_conns": ["*localhost"],
|
|
},
|
|
|
|
"rals": {
|
|
"enabled": true,
|
|
},
|
|
|
|
"schedulers": {
|
|
"enabled": true,
|
|
},
|
|
|
|
"cdrs": {
|
|
"enabled": true,
|
|
"rals_conns": ["*internal"],
|
|
},
|
|
|
|
"resources": {
|
|
"enabled": true,
|
|
},
|
|
|
|
"attributes": {
|
|
"enabled": true,
|
|
},
|
|
|
|
"routes": {
|
|
"enabled": true,
|
|
},
|
|
|
|
"chargers": {
|
|
"enabled": true,
|
|
},
|
|
|
|
"sessions": {
|
|
"enabled": true,
|
|
"attributes_conns": ["*localhost"],
|
|
"cdrs_conns": ["*localhost"],
|
|
"rals_conns": ["*localhost"],
|
|
"resources_conns": ["*localhost"],
|
|
"chargers_conns": ["*internal"],
|
|
"debit_interval": "10s",
|
|
},
|
|
"radius_agent": {
|
|
"enabled": true,
|
|
"sessions_conns": ["*localhost"],
|
|
"listeners":[
|
|
{
|
|
"network": "udp",
|
|
"auth_address": "0.0.0.0:1812",
|
|
"acct_address": "0.0.0.0:1813"
|
|
}
|
|
],
|
|
"client_secrets": {
|
|
"*default": "CGRateS.org"
|
|
},
|
|
"client_dictionaries": {
|
|
"*default": ["/usr/share/cgrates/radius/dict/"]
|
|
},
|
|
"request_processors": [
|
|
{
|
|
"id": "AuthGetPassword",
|
|
"filters": ["*string:~*vars.*radReqType:*radAuth"],
|
|
"flags": ["*attributes", "*continue", "*log"],
|
|
"request_fields": [
|
|
{"tag": "Account", "path": "*cgreq.Account", "type": "*variable", "value": "~*req.User-Name"}
|
|
],
|
|
"reply_fields": []
|
|
},
|
|
{
|
|
"id": "AuthPAP",
|
|
"filters": ["*string:~*vars.*radReqType:*radAuth"],
|
|
"flags": ["*radauth", "*pap", "*log"],
|
|
"request_fields": [
|
|
{"tag": "UserPassword", "path": "*vars.UserPassword", "type": "*variable",
|
|
"value": "~*req.Password"},
|
|
{"tag": "StrippedPassword", "path": "*cgreq.Password", "type": "*variable",
|
|
"value": "~*req.User-Password{*strip:*suffix:*nil}"}
|
|
],
|
|
"reply_fields": [
|
|
{"tag": "RemoveOnError", "filters": ["*notempty:~*cgrep.Error:"], "type": "*removeall", "path": "*rep"},
|
|
{"tag": "Code", "path": "*rep.*radReplyCode", "filters": ["*notempty:~*cgrep.Error:"],
|
|
"type": "*constant", "value": "AccessReject"},
|
|
{"tag": "ReplyMessage", "path": "*rep.Reply-Message", "filters": ["*notempty:~*cgrep.Error:"],
|
|
"type": "*variable", "value": "~*cgrep.Error"},
|
|
{"tag": "SessionTimeout", "path": "*rep.Session-Timeout", "filters": ["*empty:~*cgrep.Error:"],
|
|
"type": "*constant", "value": "3600"},
|
|
{"tag": "AcctInterimInterval", "path": "*rep.Acct-Interim-Interval", "filters": ["*empty:~*cgrep.Error:"],
|
|
"type": "*constant", "value": "30"}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
|
|
|
|
|
|
"apiers": {
|
|
"enabled": true,
|
|
"scheduler_conns": ["*internal"],
|
|
},
|
|
|
|
}
|
|
|