Go to the first, previous, next, last section, table of contents.

message statement

The message statement allows to set up the messages that are returned to the user with authentication-response packets.

Syntax

    message {
            [ account-closed string ; ]
            [ password-expired string ; ]
            [ password-expire-warning string ; ]
            [ access-denied string ; ]
            [ realm-quota string ; ]
            [ multiple-login string ; ]
            [ second-login string ; ]
            [ timespan-violation string ; ]
    };

All variables in message block take a string argument. In string you can use the usual C backslash notation to represent non-printable characters. The use of %C{} and %R{} sequences is also allowed (see section Macro Substitution).

String statements

account-closed
This message will be returned to the user whose account is administratively closed.
password-expired
This message will be returned to the user whose password has expired.
password-expire-warning
This is a warning message that will be returned along with an authentication-acknowledge packet for the user whose password will expire in less than n seconds. The value of n is set by password-expire-warning variable in auth block. See section auth statement. In this string, you can use the %R{Password-Expire-Days} substitution, to represent the actual number of days left to the expiration date. The default is 
    Password Will Expire in %R{Password-Expire-Days} Days\r\n
access-denied
This message is returned to the user who supplies an incorrect password or a not-existent user-name as his authentication credentials.
realm-quota
This message is returned when the user is trying to log in using a realm, and number of users that are currently logged in from this realm reaches maximum value. For a description of realms, See section Realms.
multiple-login
This message is returned to the user, who has logged in more than allowed number of times. For description of how to set the maximum number of concurrent logins, see section Simultaneous-Use.
second-login
This is a special case of multiple-login, which is used when the user's login limit is 1.
timespan-violation
This message is returned to the user who is trying to login outside of allowed time interval. For description of how to limit user's login time, see section Login-Time.

Go to the first, previous, next, last section, table of contents.