On Tue, 2018-03-27 at 22:21 +0000, Gelinas, Robert wrote:
I have a problem with authenticating after a RESTful auth. The response from the rest call seems to be integrating (free radius is expanding the response), but the Cleartext-Password doesn't seem to be carrying forward to the authentication portion.
You're calling rest in the outer "default" server.
There are a lot more 'authorize/authenticate' call sets than I expected,
PEAP is like that...
but in the end, I expected things to resolve; however, they fail with 'no Cleartext-Password' error message in the MD5 portion.
You haven't got the Cleartest-Password attribute in the inner-tunnel; it's in the outer. Move "rest" from the default server to the inner-tunnel virtual server. You'll also save a lot of load on your REST server by only querying it once, rather than every EAP round-trip. -- Matthew