Can't get the value of 'Digest-User-name', 'Digest-Realm', 'Digest-Method', 'Digest-Uri', 'Digest-Nonce', 'Digest-Response'

johnson elangbam elangbamjohnson at gmail.com
Tue Apr 22 16:18:32 CEST 2008 

hi,
    I am using free Radius 2.0.3. I m configured my AAA through rlm_perl. I
need to do the authorization by using the following attributes.

Digest-Realm
Digest-Method
Digest-Uri
Digest-Nonce
Digest-Nonce
Digest-Response

Unfortunately i did not get any value from these attributes when i called
using $RAD_REQUEST. Please tell me any idea to get these values.
Here is the piece of authorization code that i've used.


sub authorize
   {
my $nasuser1;
my $nasuser;
my $naspass;
my $dUserName;
my $dRealm;
my $dMethod;
my $dUri;
my $dNonce;
my $nameindex;
my $dResponse;

        $nasuser = $RAD_REQUEST{'User-Name'};
        $naspass = $RAD_REQUEST{'User-Password'};
    $dUserName= $RAD_REQUEST{'Digest-User-Name'};
        $dRealm= $RAD_REQUEST{'Digest-Realm'};
        $dMethod = $RAD_REQUEST{'Digest-Method'};
        $dUri= $RAD_REQUEST{'Digest-URI'};
        $dNonce=$RAD_REQUEST{'Digest-Nonce'};
        $dResponse=$RAD_REQUEST{'Digest-Response'};

my $dPassword;
my $ha1;
my $ha2;
my $a1;
my $a2;
my $a;
my $sqltest;
my $sthtest;


my $user = "user";
my $password = "password";
my
$dbhtest=DBI->connect('dbi:ODBC:MSSQLDSN',$user,$password,{PrintError=>0,RaiseError=>0});
my $dbh = DBI-> connect('dbi:ODBC:MSSQLDSN', $user, $password, {PrintError
=>0, RaiseError =>0});
my $sql = qq/select * from testing where UserName = '$nasuser'/;
my $sth=$dbh->prepare($sql);

if($dbh)
  {
   $sth->execute();



   if(my $row = $sth->fetchrow_hashref)
     {

        #password from database against the username
    $dPassword=$row->{UserPassword};


        $a1=$dUserName.':'.$dRealm.':'.$dPassword;

        #first part of the hash calculated.
    $ha1=md5($a1);
        $a2=$dMethod.':'.$dUri;

    #second part of the hash calculated.
        $ha2=md5($a2);

    #final string to be hashed.
    $a=$ha1.':'.$dNonce.':'.$ha2;

    #final response to be checked with the digest-response

    $a=md5($a);


        if($a eq $dResponse)
        {
            $RAD_REPLY{'Reply-Message'} = "Accepting Users";

        return RLM_MODULE_OK;
    }
       else
    {
         $RAD_REPLY{'Reply-Message'} = "Incorrect Password";

            return RLM_MODULE_REJECT;
    }
     }#End of row fetch
   else
     {
        $RAD_REPLY{'Reply-Message'} = "Incorrect Username";
    #$RAD_REPLY{'Reply-Message'} = $nasuser;
    return RLM_MODULE_REJECT;
     }#End of else
  }#end of if  database connection
else
  {
   $RAD_REPLY{'Reply-Message'} = "Cannot connect to database";

  }
}#End of authorization subsection


With Regards
Elangbam Johnson
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080422/7fd7bf8a/attachment.html>

More information about the Freeradius-Users mailing list