Need to change response type to Access-Challenge from rlm_perl

Mon Feb 18 16:00:16 CET 2013

Hi,

Looking through archives for this exact question, I see a post from 2008 (
http://www.mail-archive.com/freeradius-users@lists.freeradius.org/msg47423.html)
where this exact question was previously asked.

Here is my server version info:
radiusd: FreeRADIUS Version 2.2.0, for host x86_64-unknown-linux-gnu, built
on Feb 17 2013 at 03:34:41

Here's my code:

  # Construct HTTP request

        my $authresult =
&authamis($RAD_REQUEST{'User-Name'},$RAD_REQUEST{'User-Password'});
        &radiusd::radlog(L_DBG, "Result after authamis call ->
$authresult");

        if($authresult eq "true") {
                $RAD_CHECK{'Response-Packet-Type'} = "Access-Challenge";
                $RAD_REPLY{'Reply-Message'} = "authentication successful";
                for (keys %RAD_REPLY) {
                        &radiusd::radlog(L_DBG, "RAD_REPLY: $_ =
$RAD_REPLY{$_}");
                }
                for (keys %RAD_CHECK) {
                        &radiusd::radlog(L_DBG, "RAD_CHECK: $_ =
$RAD_CHECK{$_}");
                }
                for (keys %RAD_CONFIG) {
                        &radiusd::radlog(L_DBG, "RAD_CONFIG: $_ =
$RAD_CONFIG{$_}");
                }
                return RLM_MODULE_OK
        }
        else {
                $RAD_REPLY{'Reply-Message'} = "authentication failure";
                return RLM_MODULE_REJECT;
        }

Here is the relevant debug output:

Found Auth-Type = perl
# Executing group from file
/opt/app/freeradius/etc/raddb/sites-enabled/default
+- entering group perl {...}
rlm_perl: RAD_REQUEST: User-Name = test
rlm_perl: RAD_REQUEST: User-Password = 42594190
rlm_perl: RAD_REQUEST: NAS-IP-Address = 192.168.65.1
rlm_perl: AMIS request:
http://amis.jdt.com:8080/auth/authenticate/test/42594190
rlm_perl: Result after authamis call -> true
rlm_perl: RAD_REPLY: Reply-Message = authentication successful
rlm_perl: RAD_CHECK: Response-Packet-Type = Access-Challenge
rlm_perl: RAD_CHECK: Auth-Type = perl
rlm_perl: RAD_CONFIG: Auth-Type = perl
rlm_perl: Added pair User-Name = test
rlm_perl: Added pair User-Password = 42594190
rlm_perl: Added pair NAS-IP-Address = 192.168.65.1
rlm_perl: Added pair Reply-Message = authentication successful
rlm_perl: Added pair Response-Packet-Type = Access-Challenge
rlm_perl: Added pair Auth-Type = perl
++[perl] returns ok
# Executing section post-auth from file
/opt/app/freeradius/etc/raddb/sites-enabled/default
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 81 to 192.168.65.1 port 53504
        Reply-Message = "authentication successful"
Finished request 0.
Going to the next request

Clearly the Access-Challenge setting is not being honored by the server. Is
there another attribute that must be set to configure the response type?

Thanks,
Walter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20130218/60524fb0/attachment-0001.html>