On 09/20/2012 08:56 PM, Tarık Kabak wrote:
Hi Arran,
Can you tell me please what is wrong with this php script below. Or is there any working example script?
What's "wrong" with the script is that what you want to do is impossible. EAP is a challenge-response authentication method. You can't just run a PHP script and get a username/password. As per my previous email, see here: http://deployingradius.com/documents/protocols/oracles.html ...and also here: http://deployingradius.com/documents/protocols/compatibility.html Read those pages until you understand them.
Note that this script is just for simplifying at all.
To repeat: what you want to do is impossible. The ONLY thing you can do is *if* you are using EAP-TTLS/PAP on the clients and *then* you can use a script, as follows: sites-enabled/inner-tunnel: authorize { ... if (User-Password) { # this is a PAP request, pass to our script update control { Auth-Type := myscript } } } authenticate { ... Auth-Type myscript { my_php_exec } } However, note that EAP-TTLS/PAP is not supported in Windows until Windows 8.