3.14.19. AllowInReject Previous topic Parent topic Child topic Next topic

This optional parameter specifies the only attributes that are permitted in an Access-Reject. This can be useful in Handlers with multiple AuthBys where the attributes added before a rejecting AuthBy need to be stripped from the resulting Access-Reject.
AllowInReject is not set by default and does not remove anything from Access-Rejects.
# Only permit a limited set of attributes in a reject.
AllowInReject Message-Authenticator, EAP-Message