Authenticate to an external database
Mauricio
mauri5000 at hotmail.com
Mon Jun 20 21:34:55 CEST 2016
El 20/06/16 a las 16:17, Alan DeKok escribió:
> On Jun 20, 2016, at 3:07 PM, Mauricio <mauri5000 at hotmail.com> wrote:
>>> A postgress database of students from a college, that already has it own schema
> You can edit the SQL queries to use that schema.
>
> Can you:
>
> a) SELECT by user-name from the RADIUS packet? and
>
> b) get a password in some format?
>
> Yes: write a SELECT statement to do that:
Yes i can, but not directly, i am using a web service that
return the credentials and the http status code from the database
server to freeradius server by rlm_rest.
>
> update control {
> Cleartext-Password := "%{select password from table where name=%{User-Name}"
> }
>
> Or, no: you can't get the password from the database, so what you want to do is impossible.
>
>>> The problem is that the database is located in an external server and is not a freeradius schema's database. i mean, in the database there is no table radcheck, etc.
> That's fine.
>
> But are you doing EAP-TLS? If so, there are no passwords in the RADIUS packets. So you can't check passwords against an external database.
>
> Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list