mideye authentication
Norbert Wegener
norbert.wegener at siemens.com
Sun Mar 2 16:49:40 CET 2008
Norbert Wegener wrote:
> Alan DeKok wrote:
>> Norbert Wegener wrote:
>>
>>> It should be simple to generate a one time password, throw it into a
>>> database,send it via sms and make it available for the next time, the
>>> user requests access. The problem here seems to be, that after a first
>>> successfull authentication another one with only a new password but the
>>> already entered username has to be done.
>>> Can this be realised with an actual freeradius? If so: Where can I find
>>> documentation about it?
>>>
>>
>> You first need to define what you mean by "successful authentication".
>> Is it sending an Access-Accept? Or receiving an Accounting start for
>> that user?
The box I am talking about is a Juniper vpn gateway. There they have
Custom Radius Authentication Rules and in the configuration menu there is:
If received packet Type :Access Challenge
Take action: Show Next Token page
Now it seems to me, that after providing the correct login/(static)
password combination, not an Access-Accept must be sent, but instead an
Access-Challenge.
Maybe, this can be done using the otpd, but up to now I am searching on
how to realise this.
Anyone any idea?
Norbert Wegener
More information about the Freeradius-Users
mailing list