Provide the actual authentication realm to Radius, especially without losing Calling-Station-Id #47

@TheNetworkIsDown

Overriding Calling-Station-Id (usually the external client IP) in order to convey some more information about the authentication in progress seems like a hack.

It makes more sense to use another attribute to reference the "service" the user is authenticating to, which in this case would be the HTTP basic authentication realm.

It seems sound to use Called-Station-Id. Analogous to the case of e.g. a wireless access point which would present the AP's MAC address the user is connected to in this attribute, in the present use case it could provide the realm the request was directed to.

I have created a patch. Feel free to discuss before I submit a PR.

By default, the realm name (AuthName) configured for mod_auth_basic is used. It can be overridden by specifying "AddRadiusCalledStationID".

This is what the access-request looked like when "AddRadiusCallingStationID" was used previously:

User-Name = "x"
User-Password = "password"
Service-Type = Authenticate-Only
NAS-Identifier = "test.example.com"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "MyServiceName"

I have renamed the parameter to "AddRadiusCalledStationID", and this is the resulting request:

User-Name = "x"
User-Password = "password"
Service-Type = Authenticate-Only
NAS-Identifier = "test.example.com"
NAS-IP-Address = 127.0.0.1
Called-Station-Id = "MyRealm"
Calling-Station-Id = "1.2.3.4"

We could keep "AddRadiusCallingStationID" for backwards compatibility, as you wish.
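
For reference, an added example (not part of the original issue or of the project's patch) showing how the two attributes sit next to each other on the wire as RFC 2865 type/length/value triples, with the length checks an encoder and a parser each need. The function names `rad_put_attr` and `rad_get_attr` are hypothetical, and the sample values are the ones from the request above.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Attribute type codes from RFC 2865. */
enum { CALLED_STATION_ID = 30, CALLING_STATION_ID = 31 };

/* Append one type/length/value attribute. Returns 0, or -1 if the value is
 * empty, exceeds the 253-octet limit, or does not fit in the buffer. */
static int rad_put_attr(uint8_t *buf, size_t cap, size_t *used,
                        uint8_t type, const char *value) {
    size_t vlen = strlen(value);
    if (vlen == 0 || vlen > 253 || *used > cap || cap - *used < vlen + 2)
        return -1;
    buf[(*used)++] = type;
    buf[(*used)++] = (uint8_t)(vlen + 2);   /* length covers type+length+value */
    memcpy(buf + *used, value, vlen);
    *used += vlen;
    return 0;
}

/* Copy the first attribute of `type` into out as a C string. Returns the
 * value length, or -1 if it is absent or the attribute list is malformed. */
static int rad_get_attr(const uint8_t *buf, size_t len, uint8_t type,
                        char *out, size_t outcap) {
    size_t i = 0;
    while (len - i >= 2) {
        size_t alen = buf[i + 1];
        if (alen < 2 || alen > len - i) return -1;   /* bad length octet */
        if (buf[i] == type) {
            if (alen - 2 >= outcap) return -1;       /* no room for value + NUL */
            memcpy(out, buf + i + 2, alen - 2);
            out[alen - 2] = '\0';
            return (int)(alen - 2);
        }
        i += alen;
    }
    return -1;
}

int main(void) {
    uint8_t attrs[64]; size_t used = 0; char realm[32], client[32];
    /* Constructed sample values, taken from the request shown in the issue. */
    rad_put_attr(attrs, sizeof attrs, &used, CALLED_STATION_ID, "MyRealm");
    rad_put_attr(attrs, sizeof attrs, &used, CALLING_STATION_ID, "1.2.3.4");
    rad_get_attr(attrs, used, CALLED_STATION_ID, realm, sizeof realm);
    rad_get_attr(attrs, used, CALLING_STATION_ID, client, sizeof client);
    printf("realm=%s client=%s (%zu octets)\n", realm, client, used);
    return 0;
}
```

With both attributes present, the RADIUS server can apply per-realm policy on Called-Station-Id while its logs still record the client address in Calling-Station-Id.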
