Quick Question

Ivan Kohler ivan at sisd.com
Mon Nov 9 15:06:43 PST 1998 

On Mon, Nov 09, 1998 at 06:38:02PM -0500, james at wwnet.net wrote:
> On Fri, 6 Nov 1998, Ivan Kohler wrote:
> 
> > I wouldn't implement it as a local script.  I wouldn't want users talking
> > to my freeside machine; too much potential for DoS attacks.  I'd probably
> > do something client/server like fs_passwd (the passwd/chfn/chsh
> > replacement): 
> > 
> > -The freeside machine starts a daemon remotely (via ssh) on the web server.
> > -The daemon on the web server opens a protected-mode UNIX domain socket.
> > -Processes on the web server talk to the local socket.
> > 
> > ssh provides strong authentication and encryption on the web server to
> > freeside connection.  Presumably the web server would run SSL of some
> > sort.  You don't have to allow any userland packets near your freeside
> > machine, as all connections are initiated from the freeside machine.
> 
> This seems like it would be fairly easy to implement basing it on
> fs_passwd.  I do have a few questions about the billing system in
> freeside.  When a customer is entered and their card is invalid (not
> enough funds, invalid number) how is this handled?  Ideally the card would
> be checked as soon as  the user signs up, but considering the time frame I
> have for this, it seems like a long term goal.  

Right now there are hooks for doing real-time authentication with
CyberCash.  So you just do a 

      $error = $cust_main->collect (
                                  'report_badcard' => 'yes',
                                );

when the user signs up.  The "Bill this customer now" link in the web
interface does this.

See the FS::cust_main section in the API docs (etc.)

I will probably be integrating support for Fort Nocs next.  Information on
other real-time _internet-transport_ services with support for the major
UNIX flavors is welcome; please email me privately. 

> > 
> > >  I am looking for something that
> > > will verify that the users card is valid before adding the user.
> > > If there isn't anything like this, I am probably going to end up coding it
> > > myself.
> > 
> > I hope you'll consider checking your code into the CVS tree so that I and
> > others can help you out. 
> > 
> 
> If I end up using freeside for this I will check my code in.  If
> freeside works as it should, then I might be able to get my NT guy to give
> up rodopi and use freeside for all of our user accounting.  
> 
> If that happens, then I will be integrating LDAP functionality into
> freeside, as our new mail system (another one of my many projects) is all
> going to be based on ldap.

Interesting.  I wasn't aware that there was an open-source LDAP package
available yet.

-- 
Ivan Kohler <ivan at sisd.com> - finger for PGP key
Silicon Interactive Software Design - http://www.sisd.com/ - 888-670-SISD
Open-source billing and administration for ISPs - http://www.sisd.com/freeside
20 4,16 * * * saytime # please don't be surprised if you find me dreaming too

More information about the freeside-users mailing list