case insensitive password
Alan DeKok
aland at deployingradius.com
Wed Apr 24 16:47:47 CEST 2013
Mehdi Ravanbakhsh wrote:
> how i could check case insensitive password for user..
You don't.
> and it is better if i could limit this kind of password check for some
> nas-ip-adress.
Write "unlang" rules to do that.
> which part of config file should be modified for this problem?
Write a policy:
if (User-Password) {
update request {
User-Password := "%{tolower:%{User-Password}}"
}
}
This will force all passwords to lowercase. They will need to be in
the database as lowercase.
Or, edit your database queries to do case-insensitive checks.
In general, this is a very bad idea. It's insecure.
Alan DeKok.
More information about the Freeradius-Users
mailing list