Hello all. I have developed a freeradius module which I want to be executed only after a successful authentication, therefore I have put it in the post-auth section. But the problem is that the module is being execute two times. This is the freeradius log: ------------------------------------------------------------------------------------------- Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 8 rlm_eap: Request found, released from the list rlm_eap: EAP/mschapv2 rlm_eap: processing type mschapv2 rlm_eap: Freeing handler modcall[authenticate]: module "eap" returns ok for request 8 modcall: leaving group authenticate (returns ok) for request 8 Processing the post-auth section of radiusd.conf modcall: entering group post-auth for request 8 ********************************** rlm_my_module ********************************** * modcall[post-auth]: module "nassaml_authz" returns ok for request 8 modcall: leaving group post-auth (returns ok) for request 8 PEAP: Tunneled authentication was successful. rlm_eap_peap: SUCCESS modcall[authenticate]: module "eap" returns handled for request 8 modcall: leaving group authenticate (returns handled) for request 8 *Sending Access-Challenge *of id 0 to 155.54.205.100 port 2048 . . . rlm_eap_peap: EAPTLS_OK rlm_eap_peap: Session established. Decoding tunneled attributes. rlm_eap_peap: Received EAP-TLV response. rlm_eap_peap: Tunneled data is valid. rlm_eap_peap: Success rlm_eap: Freeing handler modcall[authenticate]: module "eap" returns ok for request 9 modcall: leaving group authenticate (returns ok) for request 9 Processing the post-auth section of radiusd.conf modcall: entering group post-auth for request 9 ********************************** rlm_my_module *********************************** El usuario para autenticar es [lolo] El servidor con el que comunicarnos es [155.54.205.229:5555] La decision ha sido: 1 modcall[post-auth]: module "nassaml_authz" returns ok for request 9 modcall: leaving group post-auth (returns ok) for request 9 *Sending Access-Accept* of id 0 to 155.54.205.100 port 2048 ------------------------------------------------------------------------------------------- I can't understand why, after execute the first time the post auth section, an access-challenge is sent, instead of an Access-Accept, such as in the second time this section is executed. Can anybody help me? Thanks in advance. -- ----------------------------- Manuel Sanchez Cuenca Departamento de Ingenieria de la Informacion y las Comunicaciones Facultad de Informatica. Universidad de Murcia Campus de Espinardo - 30080 Murcia (SPAIN) Tel.: +34-968-364644 Fax: +34-968-364151 email: msc@dif.um.es | manuelsc@um.es url: http://libra.inf.um.es/~lolo
participants (1)
-
Manuel Sánchez Cuenca