Erico Augusto wrote:
> All I can say is "huh"? You want to use a custom app, and you
>solution is to write a shell script that does... nothing?
sure not!
> Perhaps you could explain how the custom app *currently* interacts
> with FreeRADIUS. From the examples you've posted, it doesn't.
it's called
learning ...
> My suggestion was to write a program that would send the username &&
> password to the custom app. See the documentation for how to see the
>username && password in a shell script run by rlm_exec.
that's what I'm looking for ... constructive suggestions ...
> What makes you think that the shell script changes the password?
>Nothing in the documentation or examples would lead you to believe that
>simple echoing a number would have the magic side-effect of changing the
>password.
just learning how the tool works...
> The configurations you've shown don't match the documentation. i.e.
>You think they do one thing, but the documentation says they do
>something else.
The interaction with JRadius now works ... it wasn't an issue with freeradius ... JRadius API was outputing
[Encrypted String] to the password ... in truth, it's just
in ASCII ... a simple casting fix everything.
So, to get cleartext password with WinXP SecureW2(EAP-TTLS) Supplicant configured to PAP at Authentication Tab, using JRadius API, just gather password bytes as following:
byte [] passByte = requestPacket.getAttributes().get(Attr_UserPassword.NAME). getValue().getBytes();
where requestPacket is a RadiusPacket object.
Erico.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html