[strongSwan-dev] Plugin for custom ID checks
Emeric POUPON
emeric.poupon at stormshield.eu
Thu Nov 20 10:58:35 CET 2014
Hello,
I would like to check if a user has the rights to authenticate using an external facility (ldap).
The idea is to use the user's ID (if one of ID_USER_FQDN / ID_RFC822_ADDR) to perform the check.
I noticed the whitelist plugin may be a good skeleton example of what I want to do.
Basically, I would just have to:
- create a new libcharon/plugins/.
- register on the "authorize" hook of the libcharon.
- in the authorize method, get the identity of the peer involved in the IKE SA.
- perform the required external checks.
Am I correct?
Best Regards,
Emeric Poupon
More information about the Dev
mailing list