On 3 Jun 2014, at 11:32, Javed Akhtar <javed@gowifi.in> wrote:
Hello i am trying to setup a basic authentication for users against the php script with the config bellow(removed functional things and showed reply only as example)
i am getting the error
Exec-Program output: user_name Cleartext-Password := "pass" Exec-Program-Wait: plaintext: user_name Cleartext-Password := "pass" Exec-Program: returned: 0 ++[php_check] returns ok [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Using Post-Auth-Type Reject
PLEASE SUGGEST ME THE CHANGES NEEDED
the module php looks like this exec php_check{ wait = yes program = "/usr/bin/php -f /var/rad_check.php %{Called-Station-Id} %{User-Name} %{User-Password}" input_pairs = request output_pairs = config shell_escape = yes }
php script is like this <?php echo 'user_name Cleartext-Password := "pass"'; ?>
radiusd.conf is like this authorize { php_check } authenticate { Auth-Type PAP { pap } }
Um, what's the 'user_name ' part for? and I know you're doing it for convenience, but learn a real programming language. PHP should have no role to play in anything security related, we've rejected native rlm_php modules before on those grounds. Arran Cudbard-Bell <a.cudbardb@freeradius.org> FreeRADIUS Development Team FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2