Authentication and Rest
Matthew Newton
mcn at freeradius.org
Wed Mar 28 02:00:32 CEST 2018
On Tue, 2018-03-27 at 22:21 +0000, Gelinas, Robert wrote:
> I have a problem with authenticating after a RESTful auth. The
> response from the rest call seems to be integrating (free radius is
> expanding the response), but the Cleartext-Password doesn't seem to
> be carrying forward to the authentication portion.
You're calling rest in the outer "default" server.
> There are a lot more 'authorize/authenticate' call sets than I
> expected,
PEAP is like that...
> but in the end, I expected things to resolve; however, they fail with
> 'no Cleartext-Password' error message in the MD5 portion.
You haven't got the Cleartest-Password attribute in the inner-tunnel;
it's in the outer.
Move "rest" from the default server to the inner-tunnel virtual server.
You'll also save a lot of load on your REST server by only querying it
once, rather than every EAP round-trip.
--
Matthew
More information about the Freeradius-Users
mailing list