Get access to User-Password in rlm_sql_mysql

Lars Timmann L at rs.timmann.de
Mon May 19 13:02:22 CEST 2014


Hello freeradius users,

I am working on an implementation of one time passwords in radius. I
know there are many solutions for that, but I don't want to grant the
freeradius-mysql-user too much.

So I made three functions and a view in my database that freeradius just
have to set two variables with username and one time password in the
mysql session to get the needed results.

In my freerardius mysql config I want to call it like this:

        authorize_check_query = "\
          set @username='%{SQL-User-Name}'; \
          set @otp='%{User-Password}'; \
          SELECT id, username, attribute, value, op \
          FROM ${authcheck_table}"

The variable username is filled with the User-Name but the variable otp
stays empty.
I tried several variations of User-Password like Chap-password,
SQL-User-Password and so on. Maybe I am to stupid to find it in the
documentation, but can you please tell me what I have to do or point me
at the right part of the documentation?

Or am I completely on the wrong way?

Thank in advance,
    Lars



More information about the Freeradius-Users mailing list