<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Hi Mercier<br>
<br>
What it sounds like you are trying to do, needs more than just the
radius server to do it. One of the features I'm writing for the
Grase Hotspot (which uses Coova Chilli and Freeradius), is the
ability for the user to create an account based on their mobile
number.<br>
<br>
It goes a bit like this.<br>
User is presented with a form that allows them to enter a "username"
which has to be their mobile number.<br>
The form is submitted to a php script, which then creates a user in
the radius tables (SQL) with the username as their mobile number,
and generates them a random password. The same php script then sends
that random password via a sms gateway to the users mobile phone
(confirming that the number is correct and the user has possession
of it).<br>
The user is then presented with a normal login form, which they can
use the mobile number, and the password they received as a sms, to
login which is handled via normal Coova Chilli and Radius.<br>
<br>
What you could do, is again, using a php script, generate the OTP
and create the user in a special temporary table with the OTP and a
password (maybe the user sets the password as well). Then, the user
sends the OTP to the special number, and waits. When the SMS arrives
at the special number, it would need to trigger a script somehow
(not sure how you receive your SMS as all the gateways I use are for
sending only), which would then confirm the OTP from the temporary
table, if it is valid then we create the user with the password
specified in the table, and then the user can login.<br>
<br>
I'm assuming though, what you want to do, sounds like 2 different
things. Firstly you want the Radius server to create a user when
there is no user known. For this, you are going to need a script
that does it. I prefer an external script, but you could use
rlm_perl or similar to do it.<br>
<br>
The seconds half of what you are doing, sounds like using OTP's for
the user. There are a few ways to do this, but normally the user
ether has an application (i.e. smartphone, or security token dongle
thing) that is pre-authorised with codes to assist with generating
the time based OTP's. Or, a list of use once passwords that the
server also has, to be used in order. Or, as most banks around here
do, sending a sms to the authorised phone number of the user, so the
user uses that instead of their normal password.<br>
<br>
I hope that is clear. You probably need to do 2 different things to
get the solution you want.<br>
<br>
Tim<br>
<br>
On 07/03/12 22:56, Mercier Valentin wrote:
<blockquote cite="mid:6D6046628F054883BB085E37D026E6D5@gmail.com"
type="cite">
<div> Hi everyone, </div>
<div><br>
</div>
<div>I'm using Freeradius 2.1.12 on a server Debian. I have an
another server Debian with Coovachilli (captive portal) and an
Access Point based on Ruckus OS. </div>
<div>When my users connected on the AP, a web page is coming with
a formular to connect. Then the user enter is information
(username and password) and Coovachilli made the authentication
on the radius and this is working fine. </div>
<div><br>
</div>
<div>Now I want to make something different, when the user
connected on the AP, I want that he received a little formular,
then he need to enter a username (not know on the radius) and i
want the radius to create a One Time Password and send it to the
user (on an another webpage). And the user send this OTP via SMS
to a smsm gateway to finish the authentication, is that
possible, and if yes, could someone explain to me how I can make
it ?</div>
<div><br>
</div>
<div>For the gateway sms I am using SMSLib (java library) on the <b>same</b> server
as freeradius. </div>
<div><br>
</div>
<div>Best regards and sorry for my bad english (from
switzerland). <br>
-- <br>
Mercier Valentin<br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">-
List info/subscribe/unsubscribe? See <a class="moz-txt-link-freetext" href="http://www.freeradius.org/list/users.html">http://www.freeradius.org/list/users.html</a></pre>
</blockquote>
<br>
</body>
</html>