finally i had some luck i guess, now the radius do authentication, but jradius simulator say's timedout, could be ACS is not passing the information to simulator i feel. though i am using ACS proxy distributin table, still simulator is not getting the response back, any clues will be greatly appreciated sir/mam. once after this is up, how do i proceed to forward/receive these info (username,password, token pass)to be confirmed for the java based application i know i am in total confusion mode, but some kind of help will be helpful for me to look towards right direction.. rlm_jradius: reading attribute: type=1259012097; len=1 rlm_jradius: Released JRadius socket id: 6 ++[jradius] returns updated ++[preprocess] returns ok [chap] Setting 'Auth-Type := CHAP' ++[chap] returns ok [files] users: Matched entry doe@mydomain.com at line 90 [files] expand: Hello, %{User-Name} -> Hello, doe@mydomain.com ++[files] returns ok Found Auth-Type = CHAP +- entering group CHAP {...} [chap] login attempt by "doe@mydomain.com" with CHAP password [chap] Using clear text password "hello" for user doe@mydomain.com authentication. [chap] chap user doe@mydomain.com authenticated succesfully ++[chap] returns ok Login OK: [doe@mydomain.com/<CHAP-Password>] (from client mydomain port 0) +- entering group post-auth {...} ++[exec] returns noop Sending Access-Accept of id 2 to 192.168.0.50 port 2773 Reply-Message = "Hello, doe@mydomain.com" Proxy-State = 0x434953434f3a30 Finished request 1. Going to the next request Waking up in 1.9 seconds. Cleaning up request 1 ID 2 with timestamp +13 Ready to process requests. sollunga wrote:
thanks ivan for the quick reply, will get back to you shortly
sollunga wrote:
i am using Cisco ACS for authenticating my vpn users, now i thought of using two factor auth in place against the direct authentication by ACS, on this process one of the googling guided me to try proxying the ACS to Freeradius and call some scripts to talk to the java application. now by making the ACS to do proxying at network configuration, i can see the request is flowing to freeradius from ACS, and the freeradius does
"" [chap] rlm_chap: Attribute "User-Name" is required for authentication. ++[chap] returns invalid Failed to authenticate the user. Using Post-Auth-Type Reject +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> ++[attr_filter.access_reject] returns noop Delaying reject of request 27 for 1 seconds
""
after a while it says
"" [pap] Found existing Auth-Type, not changing it. ++[pap] returns noop Found Auth-Type = CHAP +- entering group CHAP {...} [chap] login attempt by "Doe" with CHAP password [chap] Using clear text password "hello" for user Doe authentication. [chap] chap user Doe authenticated succesfully ++[chap] returns ok +- entering group post-auth {...} ++[exec] returns noop Sending Access-Accept of id 63 to
"" i am trying to figure out where could be the issue
once after this process, i need to send the same to a java application and get a success status from there and authenticate this user.
could it be possible?
team i am a newbie here, i am just a sys admin, and now trying extend my knowledge, please help me.
-- View this message in context: http://www.nabble.com/Freeradius%2BJava-application-api-call-and-authenticat... Sent from the FreeRadius - User mailing list archive at Nabble.com.