hi,
I am using free Radius 2.0.3. I m configured my AAA through rlm_perl. I need to do the authorization by using the following attributes.
Digest-Realm
Digest-Method
Digest-Uri
Digest-Nonce
Digest-Nonce
Digest-Response
Unfortunately i did not get any value from these attributes when i called using $RAD_REQUEST. Please tell me any idea to get these values.
Here is the piece of authorization code that i've used.
sub authorize
{
my $nasuser1;
my $nasuser;
my $naspass;
my $dUserName;
my $dRealm;
my $dMethod;
my $dUri;
my $dNonce;
my $nameindex;
my $dResponse;
$nasuser = $RAD_REQUEST{'User-Name'};
$naspass = $RAD_REQUEST{'User-Password'};
$dUserName= $RAD_REQUEST{'Digest-User-Name'};
$dRealm= $RAD_REQUEST{'Digest-Realm'};
$dMethod = $RAD_REQUEST{'Digest-Method'};
$dUri= $RAD_REQUEST{'Digest-URI'};
$dNonce=$RAD_REQUEST{'Digest-Nonce'};
$dResponse=$RAD_REQUEST{'Digest-Response'};
my $dPassword;
my $ha1;
my $ha2;
my $a1;
my $a2;
my $a;
my $sqltest;
my $sthtest;
my $user = "user";
my $password = "password";
my $dbhtest=DBI->connect('dbi:ODBC:MSSQLDSN',$user,$password,{PrintError=>0,RaiseError=>0});
my $dbh = DBI-> connect('dbi:ODBC:MSSQLDSN', $user, $password, {PrintError =>0, RaiseError =>0});
my $sql = qq/select * from testing where UserName = '$nasuser'/;
my $sth=$dbh->prepare($sql);
if($dbh)
{
$sth->execute();
if(my $row = $sth->fetchrow_hashref)
{
#password from database against the username
$dPassword=$row->{UserPassword};
$a1=$dUserName.':'.$dRealm.':'.$dPassword;
#first part of the hash calculated.
$ha1=md5($a1);
$a2=$dMethod.':'.$dUri;
#second part of the hash calculated.
$ha2=md5($a2);
#final string to be hashed.
$a=$ha1.':'.$dNonce.':'.$ha2;
#final response to be checked with the digest-response
$a=md5($a);
if($a eq $dResponse)
{
$RAD_REPLY{'Reply-Message'} = "Accepting Users";
return RLM_MODULE_OK;
}
else
{
$RAD_REPLY{'Reply-Message'} = "Incorrect Password";
return RLM_MODULE_REJECT;
}
}#End of row fetch
else
{
$RAD_REPLY{'Reply-Message'} = "Incorrect Username";
#$RAD_REPLY{'Reply-Message'} = $nasuser;
return RLM_MODULE_REJECT;
}#End of else
}#end of if database connection
else
{
$RAD_REPLY{'Reply-Message'} = "Cannot connect to database";
}
}#End of authorization subsection
With Regards
Elangbam Johnson