3.15.6. CountQuery Previous topic Parent topic Child topic Next topic

This SQL statement is executed whenever a Simultaneous-Use check item or MaxSessions must be checked during an Access-Request. It is expected to find and return details of all the user sessions currently in the Session Database for the given User-Name. For each entry, it is expected to return the NAS-Identifier, NAS-Port and Acct-Session-Id, IP Address and optionally a user name (in that order) of each session currently in the Session Database. The returned rows are counted, and if there are apparently too many sessions, SessionDatabase SQL will query each NAS and port to confirm if the user is still on line at that port with that session ID. If a user name is present as the fifth field returned by the query, that is the user name that will be used to confirm the user is still on line. If CountQuery is defined as an empty string, then the query will not be executed, and the current session count will be fixed at 0.
%0 is formatted as defined in section Section 3.15.2. AddQuery. %1 replaced by the AuthBy’s DefaultSimultaneousUse, Simultaneous-Use check item or Handler's Max-Sessions value, depending on the context. SQL bind variables are supported.
It defaults to:
select NASIDENTIFIER, NASPORT, ACCTSESSIONID, FRAMEDIPADDRESS
from RADONLINE where USERNAME=%0
Tip
You can make SessionDatabase SQL count sessions in different ways depending on how you want to restrict your sessions. For example, you could limit the number of users permitted to log in to a particular realm with something like:
CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID, \
      FRAMEDIPADDRESS from\
      RADONLINE where USERNAME like '%%@%R'
If your Session Database table included the Called-Station-Id for each session, you could limit the maximum number of users with the same Called-Station-ID with something like:
CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID, \
      FRAMEDIPADDRESS from RADONLINE \
      where CALLEDSTATIONID ='%{Called-Station-Id}'