RE: EAP-TTLS + PAP with external script

> As you can see there is the message:
> "rlm_pap: WARNING! No "known good" password found for the user. Authentication may fail because of this.
> modcall[authorize]: module "pap" returns noop for request 9"
> So the php script for pap authorization is not even executed.
> Maybe there is something i missed in configuration?
>
> Thanx
> Maccari Dario

That's what I did to make it works

I added a new script for authorization which set the auth-type for final step and added that script in the authorize section

********** radiusd.conf *************
modules {
        pap {
                auto_header = yes
        }
       exec test {
                wait = yes
                program = "/usr/local/bin/php -f /etc/raddb/radiusaccess.php"
                input_pairs = request
                output_pairs = reply
        }
        exec papauth {
                wait = yes
                program = "/usr/local/bin/php -n -f /etc/raddb/radiusauth.php"
                input_pairs = request
                output_pairs = config
        }

}
 
authorize {
        preprocess
        suffix
        eap
        pap
        papauth
}
 
authenticate {
        Auth-Type PAP {
                test
        }
        eap
}
 
************* END radiusd.conf **********
This is the relevant script part

************* radiusauth.php **********
<?php
    $username = getenv("USER_NAME");
    $userpass = getenv ("USER_PASSWORD");
    if ($username!= "" && $userpass !="")
    {
        echo "Auth-Type = PAP\n";
    }
 ?>
************* END radiusauth.php **********

Does what i did have any sense?
Is it robust enough?

Bye and thanx

Dario Maccari


Get news, entertainment and everything you care about at Live.com. Check it out!
This archive was generated by a fusion of Pipermail (Mailman edition) and MHonArc.