freeRADIUS: Add a filtering module in regards to the SerialNumber in the DN

SCS-CBU-CED-IAM / mobileid

Mobile ID Sample Scripts

http://mobile-id.ch

13 stars 5 forks source link

freeRADIUS: Add a filtering module in regards to the SerialNumber in the DN #70

Closed FreddyKaiser closed 10 years ago

FreddyKaiser commented 10 years ago

Provide an option to check actively against the security ID of the Mobile ID (Serialnumber in the DN) and refuse access in case of.

Possible solution: dedicated script/flag to track all returned SerialNumbers and store them in a File/DB. If not set, it will create it and after actively compare and reject users where the MSISDN:SerialNumber is not more the same. The mapping could then be removed/updated with an other script.

FreddyKaiser commented 10 years ago

Working on a solution to have at the user store the possibility to set and get the SerialNumber of the DN. The Serialnumber (if set) will then actively be checked on the signature return.

FreddyKaiser commented 10 years ago

Moved into the new/separate freeradius-mobileid project