topic Re: tacacs before / after authorization in Network Access Control https://community.cisco.com/t5/network-access-control/tacacs-before-after-authorization/m-p/508549#M427585 <HTML><HEAD></HEAD><BODY><P>ok, got it.</P><P>Next to the fields that are passed along (like user, name etc) just keep on reading standard input.</P><P></P><P>Just in case anyone else is interested:</P><P>the sdtacplus.cfg reads:</P><P>user = memyself {</P><P> before authorization "myscript $user $name'</P><P>}</P><P></P><P>Then myscript goes like</P><P>$user = $ARGV[0]</P><P>$name = $ARGV[1]</P><P></P><P>while (<STDIN>) {</STDIN></P><P> $input = $_;</P><P> chop ($input);</P><P> print "$input\n";</P><P>}</P><P></P><P>Obviously, the above just prints STDIN back to STDOUT so it's not very functional, but it's the thought that counts.</P><P></P><P>Peter</P><P></P></BODY></HTML> Wed, 15 Mar 2006 12:55:22 GMT pvdvoort 2006-03-15T12:55:22Z tacacs before / after authorization https://community.cisco.com/t5/network-access-control/tacacs-before-after-authorization/m-p/508548#M427584 <P>Hello,</P><P></P><P>I'm using tac_plus and want to use my own script for authorizing users, based on the NAS and based on the command a user enters.</P><P></P><P>The documentation mentions fields that can be passed to a script (like user, name, port etc) and that works geat, but is there a way to also pass the command the user entered?</P><P></P><P>The documentation states that it is possible to read all the fields in the authorization packet the NAS sent, but I can't seem to figure out how that should be done.</P><P></P><P>Any help would be appreciated. Thanks.</P><P>Peter</P><P></P> Sun, 10 Mar 2019 21:30:29 GMT https://community.cisco.com/t5/network-access-control/tacacs-before-after-authorization/m-p/508548#M427584 pvdvoort 2019-03-10T21:30:29Z Re: tacacs before / after authorization https://community.cisco.com/t5/network-access-control/tacacs-before-after-authorization/m-p/508549#M427585 <HTML><HEAD></HEAD><BODY><P>ok, got it.</P><P>Next to the fields that are passed along (like user, name etc) just keep on reading standard input.</P><P></P><P>Just in case anyone else is interested:</P><P>the sdtacplus.cfg reads:</P><P>user = memyself {</P><P> before authorization "myscript $user $name'</P><P>}</P><P></P><P>Then myscript goes like</P><P>$user = $ARGV[0]</P><P>$name = $ARGV[1]</P><P></P><P>while (<STDIN>) {</STDIN></P><P> $input = $_;</P><P> chop ($input);</P><P> print "$input\n";</P><P>}</P><P></P><P>Obviously, the above just prints STDIN back to STDOUT so it's not very functional, but it's the thought that counts.</P><P></P><P>Peter</P><P></P></BODY></HTML> Wed, 15 Mar 2006 12:55:22 GMT https://community.cisco.com/t5/network-access-control/tacacs-before-after-authorization/m-p/508549#M427585 pvdvoort 2006-03-15T12:55:22Z