add_stats::
If `yes` the following attributes will be added to the request:
- * `&request.Cache-Entry-Hits` - The number of times this entry
+ * `request.Cache-Entry-Hits` - The number of times this entry
has been retrieved.
NOTE: Not supported by the `rlm_cache_memcached` module.
block below:
update {
- &reply.Reply-Message := "Hello %{User-Name}"
+ reply.Reply-Message := "Hello %{User-Name}"
}
When the cache entry is created, the module will expand the
resulting cache entry will look like this:
update {
- &reply.Reply-Message := "Hello bob"
+ reply.Reply-Message := "Hello bob"
}
When the cache module is read, this `update` section is
NOTE: Only `request`, `reply`, `control` and
`session-state` lists are available for the left side of
-cache entries. Attempting to reference other lists *will
-raise an error* during config validation.
+cache entries. Attempting to reference other lists will
+raise an error during config validation.
<list>.<attribute> <op> <value>::
### Configuration
This module supports a number of runtime configuration parameters
-represented by attributes in the `&control.` list.
+represented by attributes in the `control.` list.
-&control.Cache-TTL:: Sets the TTL of an entry to be created, or
+control.Cache-TTL:: Sets the TTL of an entry to be created, or
modifies the TTL of an existing entry.
[options="header,autowidth"]
| `Cache-TTL` of `0` | Expire the existing entry and create a new one.
|===
-&control.Cache-Status-Only:: If present and set to `yes` will
+control.Cache-Status-Only:: If present and set to `yes` will
prevent a new entry from being created, and existing entries from
being merged. It will also alter the module's return codes.
NOTE: If this is set to `yes`, no other cache control attributes will
be honoured, but they will still be cleared.
-&control.Cache-Allow-Insert:: If present and set to `no` will
+control.Cache-Allow-Insert:: If present and set to `no` will
prevent a new entry from being created. If not present or set
to `yes`, and no entry exists, a new one will be created.
This is evaluated after `Cache-TTL`, so expired entries may be
recreated.
-&control.Cache-Allow-Merge:: If present and set to `no` will
+control.Cache-Allow-Merge:: If present and set to `no` will
prevent existing entries from being merged. If not present or
set to `yes`, and an entry exists (and is valid), it will be
merged with the current request.
This is evaluated before `Cache-TTL`, so entries being expired
may first be merged.
-&control.Cache-Merge-New:: If present and set to `yes` will merge new
+control.Cache-Merge-New:: If present and set to `yes` will merge new
cache entries into the current request. Useful if results of execs or
expansions are stored directly in the cache.
NOTE: All runtime configuration attributes will be removed from the
-`&control.` list after the cache module is called.
+`control.` list after the cache module is called.
### Methods
```
# Add a cache entry
-&control.Cache-TTL := 1h
+control.Cache-TTL := 1h
cache.store
if (updated) {
..keys stored
}
# Change the entries TTL
-&control.Cache-TTL := 30m
+control.Cache-TTL := 30m
cache.ttl
if (updated) {
..ttl changed
* This is evaluated before `Cache-TTL`, so entries being expired
may first be merged.
* All runtime configuration attributes will be removed from the
-`&control:` list after any cache method is called.
+`control:` list after any cache method is called.
====
# idle_timeout = 60
# }
# }
- key = &User-Name
+ key = %{User-Name}
ttl = 10
add_stats = no
# max_entries = 0
update {
- &reply.Reply-Message := &reply.Reply-Message
- &reply.Reply-Message += "Cache last updated at %t"
- &reply.Class := "%randstr(ssssssssssssssssssssssssssssssss)"
+ reply.Reply-Message := reply.Reply-Message
+ reply.Reply-Message += "Cache last updated at %t"
+ reply.Class := "%randstr(ssssssssssssssssssssssssssssssss)"
}
}
```
```
cache cache_eap {
- key = "%{&control.State || &reply.State || &State}"
+ key = "%{control.State || reply.State || State}"
ttl = 15
update reply {
- &reply += &reply
- &control.State := &request.State
+ reply += reply
+ control.State := request.State
}
}
```
```
cache cache_tls_session {
driver = "rbtree"
- key = &Session-Id
+ key = %{Session-Id}
ttl = 3600 # 60 mins
update {
- &reply.Session-Data := &Session-Data
+ reply.Session-Data := Session-Data
}
}
cache cache_ocsp {
driver = "rbtree"
- key = &session-state.TLS-Client-Cert-Serial
+ key = %{session-state.TLS-Client-Cert-Serial}
update {
- &control.TLS-OCSP-Cert-Valid := &TLS-OCSP-Cert-Valid
- &control.TLS-OCSP-Response := &TLS-OCSP-Response
+ control.TLS-OCSP-Cert-Valid := TLS-OCSP-Cert-Valid
+ control.TLS-OCSP-Response := TLS-OCSP-Response
}
}
```
#
# key:: The `key` used to index the cache. It is dynamically expanded at run time.
#
- key = &User-Name
+ key = %{User-Name}
#
# ttl::
# add_stats::
#
# If `yes` the following attributes will be added to the request:
- # * `&request.Cache-Entry-Hits` - The number of times this entry
+ # * `request.Cache-Entry-Hits` - The number of times this entry
# has been retrieved.
#
# NOTE: Not supported by the `rlm_cache_memcached` module.
# block below:
#
# update {
- # &reply.Reply-Message := "Hello %{User-Name}"
+ # reply.Reply-Message := "Hello %{User-Name}"
# }
#
# When the cache entry is created, the module will expand the
# resulting cache entry will look like this:
#
# update {
- # &reply.Reply-Message := "Hello bob"
+ # reply.Reply-Message := "Hello bob"
# }
#
# When the cache module is read, this `update` section is
#
# NOTE: Only `request`, `reply`, `control` and
# `session-state` lists are available for the left side of
- # cache entries. Attempting to reference other lists *will
- # raise an error* during config validation.
+ # cache entries. Attempting to reference other lists will
+ # raise an error during config validation.
#
update {
#
#
# Cache all instances of `Reply-Message` in the reply list.
- &reply.Reply-Message := &reply.Reply-Message
+ reply.Reply-Message := reply.Reply-Message
# Add our own to show when the cache was last updated.
- &reply.Reply-Message += "Cache last updated at %t"
+ reply.Reply-Message += "Cache last updated at %t"
# Add your own value for `Class`.
- &reply.Class := "%randstr(ssssssssssssssssssssssssssssssss)"
+ reply.Class := "%randstr(ssssssssssssssssssssssssssssssss)"
}
#
# ### Configuration
#
# This module supports a number of runtime configuration parameters
- # represented by attributes in the `&control.` list.
+ # represented by attributes in the `control.` list.
#
- # &control.Cache-TTL:: Sets the TTL of an entry to be created, or
+ # control.Cache-TTL:: Sets the TTL of an entry to be created, or
# modifies the TTL of an existing entry.
#
# [options="header,autowidth"]
# | `Cache-TTL` of `0` | Expire the existing entry and create a new one.
# |===
#
- # &control.Cache-Status-Only:: If present and set to `yes` will
+ # control.Cache-Status-Only:: If present and set to `yes` will
# prevent a new entry from being created, and existing entries from
# being merged. It will also alter the module's return codes.
#
# NOTE: If this is set to `yes`, no other cache control attributes will
# be honoured, but they will still be cleared.
#
- # &control.Cache-Allow-Insert:: If present and set to `no` will
+ # control.Cache-Allow-Insert:: If present and set to `no` will
# prevent a new entry from being created. If not present or set
# to `yes`, and no entry exists, a new one will be created.
# This is evaluated after `Cache-TTL`, so expired entries may be
# recreated.
#
- # &control.Cache-Allow-Merge:: If present and set to `no` will
+ # control.Cache-Allow-Merge:: If present and set to `no` will
# prevent existing entries from being merged. If not present or
# set to `yes`, and an entry exists (and is valid), it will be
# merged with the current request.
# This is evaluated before `Cache-TTL`, so entries being expired
# may first be merged.
#
- # &control.Cache-Merge-New:: If present and set to `yes` will merge new
+ # control.Cache-Merge-New:: If present and set to `yes` will merge new
# cache entries into the current request. Useful if results of execs or
# expansions are stored directly in the cache.
#
#
# NOTE: All runtime configuration attributes will be removed from the
- # `&control.` list after the cache module is called.
+ # `control.` list after the cache module is called.
#
# ### Methods
#
#
# ```
# # Add a cache entry
- # &control.Cache-TTL := 1h
+ # control.Cache-TTL := 1h
# cache.store
# if (updated) {
# ..keys stored
# }
#
# # Change the entries TTL
- # &control.Cache-TTL := 30m
+ # control.Cache-TTL := 30m
# cache.ttl
# if (updated) {
# ..ttl changed
# * This is evaluated before `Cache-TTL`, so entries being expired
# may first be merged.
# * All runtime configuration attributes will be removed from the
- # `&control:` list after any cache method is called.
+ # `control:` list after any cache method is called.
# ====
#
}
#
# key:: Cache key.
#
- key = "%{&control.State || &reply.State || &State}"
+ key = "%{control.State || reply.State || State}"
#
# ttl:: TTL for cache entries.
# update <section> { ... }::
#
update reply {
- &reply += &reply
- &control.State := &request.State
+ reply += reply
+ control.State := request.State
}
}
#
# key:: The `cache` key.
#
- key = &Session-Id
+ key = %{Session-Id}
#
# ttl:: TTL for `cache` entries.
# update <section> { ... }::
#
update {
- &reply.Session-Data := &Session-Data
+ reply.Session-Data := Session-Data
}
}
#
# key:: `cache` key.
#
- key = &session-state.TLS-Client-Cert-Serial
+ key = %{session-state.TLS-Client-Cert-Serial}
#
# update <section> { ... }::
#
update {
- &control.TLS-OCSP-Cert-Valid := &TLS-OCSP-Cert-Valid
- &control.TLS-OCSP-Response := &TLS-OCSP-Response
+ control.TLS-OCSP-Cert-Valid := TLS-OCSP-Cert-Valid
+ control.TLS-OCSP-Response := TLS-OCSP-Response
}
}
projects / thirdparty / freeradius-server.git / commitdiff
