Re: Question regarding external script authentication

Patric <patrict@bluebottle.com> · Fri, 18 May 2007 11:30:52 +0200

A.L.M.Buxey@lboro.ac.uk wrote:

you have various other attributes in your real production system - perhaps
you have matching DEFAULT values (eg in users file) which are aiding the
access accept?

If that were the case, then wouldnt this eliminate the problem:

My radiusd.conf authorize section contains only this :

authorize {
	files
	exec-radauth
}

My users file contains only this :

DEFAULT Auth-Type = Accept

If I understand it correctly this would mean that the only 

authentication done is by my script.

I did the above on the production server, but I am still not returning 

an access-reject...

I have now also upgrading freeradius on the production server to 1.1.6, 

also with the same result - no access-reject returned...

I am now at a loss as to where else to look, but I suspect its some kind 

of config setting. Where? I dont know :[

Thanks guys
Patrick

----------------------------------------------------------------------
Get a free email address with REAL anti-spam protection.
http://www.bluebottle.com