<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=UTF-8" http-equiv="Content-Type">
<title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
Alan DeKok napisał(a):
<blockquote cite="mid45C0C8F3.7040300@deployingradius.com" type="cite">
<pre wrap="">tzieleniewski wrote:
</pre>
<blockquote type="cite">
<pre wrap="">I am using mysql module as the authorization module and I get the following warning:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Replacing User-Password in config items with Cleartext-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Please update your configuration so that the "known good" !!!
!!! clear text password is in Cleartext-Password, and not in User-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
How can I force sql module to put the password value taken from the database into the Cleartext-Password instead od User-Password??
</pre>
</blockquote>
<pre wrap=""><!---->
Update the data in the SQL database? You have the string
"User-Password". Change it to "Cleartext-Password".
</pre>
<blockquote type="cite">
<pre wrap="">And one more question but about digest module:
Will it work if I will use a sql module in authorize section and then digest in the authentication??
</pre>
</blockquote>
<pre wrap=""><!---->
Yes. You should list "digest" in the authorize section, too, as the
example config file shows.
</pre>
</blockquote>
Thanks for your answer.<br>
Please answer my one more question so I will be sure I understand
matters right.<br>
<br>
the authorize section is the section which defines procedures
responsible for granting a user an access to specific type of service.<br>
For instance if we use sql or files module in authorize section we can
intuitivly imagine that they do some checks about user data.<br>
For instance checks if data are present in the users file or in the
data base.<br>
And then in the authentication section they are for innstance
authenticate with the pap module wich makes the verification between
the data <br>
received from access packet and those taken from the users file or data
base.<br>
but there is another situation a little bit confusing when we for
instance call the chap, mschap or ldap modules in the authorize section
and then <br>
in the authenticate section. Does it work this way that somehow those
modules know that they are invoked in different phases(authorize,
authenticate)<br>
and perform different operations according to the needs?? Or for
instance the digest module what those the authorize section really do??<br>
Does it take any data from the users file ?? Or it just check the data
format and stuff??<br>
for instance<br>
<font><font><font face="verdana,ariel,sans-serif" size="2"><font
size="3">
<pre>authorise {
preprocess
chap
mschap
}</pre>
</font></font></font></font><font><font><font
face="verdana,ariel,sans-serif" size="2"><font size="3">
<pre>authenticate {
authtype PAP {
pap
}
authtype CHAP {
chap
}
authtype MS-CHAP{
mschap
}
}
I can really get the filling of those authtype declarations in the authenticate section
Im sure that few words of explanation will make me to understand everything.
Thank for any help
Tomasz
</pre>
</font></font></font></font>
<blockquote cite="mid45C0C8F3.7040300@deployingradius.com" type="cite">
<pre wrap="">
Alan DeKok.
--
<a class="moz-txt-link-freetext" href="http://deployingradius.com">http://deployingradius.com</a> - The web site of the book
<a class="moz-txt-link-freetext" href="http://deployingradius.com/blog/">http://deployingradius.com/blog/</a> - The blog
-
List info/subscribe/unsubscribe? See <a class="moz-txt-link-freetext" href="http://www.freeradius.org/list/users.html">http://www.freeradius.org/list/users.html</a>
</pre>
</blockquote>
<br>
</body>
</html>