Proxy question

Roberto Greiner mrgreiner at gmail.com
Fri Oct 6 21:29:33 CEST 2006


Alan DeKok wrote:
> Roberto Greiner <mrgreiner at gmail.com> wrote:
>   
>> But when I send a user with the test.com domain, it wasn't stripped. The
>> radiusd -X log below shows the behavior:
>>     
>
>   Show the *full* log.

rad_recv: Access-Request packet from host E.F.G.H:4126, id=4, length=62
        User-Name = "rgreiner at test.com"
        User-Password = "teste"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 3
  modcall[authorize]: module "preprocess" returns ok for request 3
  modcall[authorize]: module "chap" returns noop for request 3
  modcall[authorize]: module "mschap" returns noop for request 3
    rlm_realm: Looking up realm "test.com" for User-Name =
"rgreiner at test.com"
    rlm_realm: Found realm "test.com"
    rlm_realm: Adding Stripped-User-Name = "rgreiner"
    rlm_realm: Proxying request from user rgreiner to realm test.com
    rlm_realm: Adding Realm = "test.com"
    rlm_realm: Authentication realm is LOCAL.
  modcall[authorize]: module "suffix" returns noop for request 3
  modcall[authorize]: module "files" returns notfound for request 3
radius_xlat:  'rgreiner at test.com'
rlm_sql (sql): sql_set_user escaped user --> 'rgreiner at test.com'
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radcheck           WHERE Username = 'rgreiner at test.com'           ORDER
BY id'
rlm_sql (sql): Reserving sql socket id: 0
rlm_sql (sql): User rgreiner at test.com not found in radcheck
radius_xlat:  'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op 
FROM radgroupcheck,usergroup WHERE usergroup.Username =
'rgreiner at test.com' AND usergroup.GroupName = radgroupcheck.GroupName
ORDER BY radgroupcheck.id'
radius_xlat:  'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op 
FROM radgroupreply,usergroup WHERE usergroup.Username =
'rgreiner at test.com' AND usergroup.GroupName = radgroupreply.GroupName
ORDER BY radgroupreply.id'
rlm_sql (sql): User rgreiner at test.com not found in radgroupcheck
rlm_sql (sql): Released sql socket id: 0
rlm_sql (sql): User not found
  modcall[authorize]: module "sql" returns notfound for request 3
modcall: leaving group authorize (returns ok) for request 3
auth: No authenticate method (Auth-Type) configuration found for the
request: Rejecting the user
auth: Failed to validate the user.
Login incorrect: [rgreiner at test.com/teste] (from client dsu24 port 0)
Sending Access-Reject of id 4 to 143.107.71.24 port 4126
Finished request 3
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 3 ID 4 with timestamp 4526adb5
Nothing to do.  Sleeping until we see a request.



-- 
 ------------------------------------------------------------------- 
|                     Marcos Roberto Greiner                        | 
|                                                                   | 
|         Os otimistas acham que estamos no melhor dos mundos       | 
|         Os pessimistas tem medo de que isto seja verdade          | 
|                                                     Murphy        | 
 ------------------------------------------------------------------- 
|                         rgreiner at usp.br                           | 
 -------------------------------------------------------------------




More information about the Freeradius-Users mailing list