Hi.<br><br>Some weeks ago I was asking for this, but didn't receive an answer. <br><br>Subject is MySQL Authentication based on a Calling-Station-ID. The problem is, that the cisco Switch doesn't send a user-name&user-password in his access-request, and mysql doesn't like!
<br><br>--> <br><pre><i>Error: rlm_sql<br></i>><i> (sql): zero length username not permitted"<br><br><span style="font-style: italic;">I tried to comment out this part in the sql-module source-code, and recompile freeradius. To my surprise, this actually DOES work.
<br><br>--><br><br>rad_recv: Access-Request packet from host <a href="http://127.0.0.1:1046">127.0.0.1:1046</a>, id=134, length=52<br> User-Name = ""<br> User-Password = "michael"<br> NAS-IP-Address =
<a href="http://255.255.255.255">255.255.255.255</a><br> NAS-Port = 1812<br> Processing the authorize section of radiusd.conf<br>modcall: entering group authorize for request 0<br> modcall[authorize]: module "preprocess" returns ok for request 0
<br> modcall[authorize]: module "chap" returns noop for request 0<br> modcall[authorize]: module "mschap" returns noop for request 0<br> rlm_realm: No '@' in User-Name = "", looking up realm NULL
<br> rlm_realm: No such realm "NULL"<br> modcall[authorize]: module "suffix" returns noop for request 0<br> rlm_eap: No EAP-Message, not doing EAP<br> modcall[authorize]: module "eap" returns noop for request 0
<br> users: Matched entry DEFAULT at line 152<br> modcall[authorize]: module "files" returns ok for request 0<br>radius_xlat: 'michael'<br>rlm_sql (sql): sql_set_user escaped user --> 'michael'<br>radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radcheck ? WHERE Username = 'michael' ORDER BY id'
<br>rlm_sql (sql): Reserving sql socket id: 4<br>radius_xlat: 'SELECT <a href="http://radgroupcheck.id">radgroupcheck.id</a>,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'michael' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY <a href="http://radgroupcheck.id">radgroupcheck.id</a>'<br>radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radreply WHERE Username = 'michael' ORDER BY id'
<br>radius_xlat: 'SELECT <a href="http://radgroupreply.id">radgroupreply.id</a>,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'michael' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY <a href="http://radgroupreply.id">radgroupreply.id</a>'<br>rlm_sql (sql): Released sql socket id: 4<br> modcall[authorize]: module "sql" returns ok for request 0
<br>modcall: group authorize returns ok for request 0<br> rad_check_password: Found Auth-Type Accept<br> rad_check_password: Auth-Type = Accept, accepting the user<br>Sending Access-Accept of id 134 to <a href="http://127.0.0.1:1046">
127.0.0.1:1046</a><br>Finished request 0<br>Going to the next request<br>--- Walking the entire request list ---<br>Waking up in 6 seconds...<br>--- Walking the entire request list ---<br>Cleaning up request 0 ID 134 with timestamp 43bc1274
<br>Nothing to do. Sleeping until we see a request.<br><br>Sql.conf was told, to check for the password, not username. It works!<br><br><br>So, my question is, like in the subject, mainly directed to alan, or some other developper of the sql-module.
<br><br>WHY was it done like that, i.e. that you HAVE to use a username in sql?<br><br>Thanks for your help, I really appreciate it!<br><br><span style="font-style: italic;"><br>Bye.<br></span><br></span></i></pre>