Freeradius + xmpp server

Sergio Belkin sebelk at gmail.com
Fri May 27 18:29:38 CEST 2011


2011/5/27 Phil Mayers <p.mayers at imperial.ac.uk>:
> On 27/05/11 16:58, Sergio Belkin wrote:
>>
>> I mean use a xmppserver  as a NAS. I think that it provide more
>> flexibility to choose based on what attributes is performed the
>> authentication.
>
> So, would the idea be that:
>
>  * client connects to XMPP server
>  * client sends username/password
>  * XMPP server sends PAP request
>  * radius server replies with yes/no
>
> The easiest way is probably PAM and pam_radius, but it only does
> authentication.
>
> But I assume you want to do something more complex?
> -

The Idea is:

 * client connects to XMPP server
 * client sends uid/radiusPassword (see below)
* XMPP server sends MSChapv2 request
* radius server replies with yes/no

radiusPassword is an attribute alternative that we created instead
userPassword. We use it instead of userPassword which is used for mail
and intranet access.

I was testing openfire but it can't choose the attribute, only uses
userPassword, and has a radius plugin a bit outdated...

-- 
--
Sergio Belkin  http://www.sergiobelkin.com
Watch More TV http://sebelk.blogspot.com
LPIC-2 Certified - http://www.lpi.org




More information about the Freeradius-Users mailing list