2011/5/27 Phil Mayers <p.mayers@imperial.ac.uk>:
On 27/05/11 16:58, Sergio Belkin wrote:
I mean use a xmppserver as a NAS. I think that it provide more flexibility to choose based on what attributes is performed the authentication.
So, would the idea be that:
* client connects to XMPP server * client sends username/password * XMPP server sends PAP request * radius server replies with yes/no
The easiest way is probably PAM and pam_radius, but it only does authentication.
But I assume you want to do something more complex? -
The Idea is: * client connects to XMPP server * client sends uid/radiusPassword (see below) * XMPP server sends MSChapv2 request * radius server replies with yes/no radiusPassword is an attribute alternative that we created instead userPassword. We use it instead of userPassword which is used for mail and intranet access. I was testing openfire but it can't choose the attribute, only uses userPassword, and has a radius plugin a bit outdated... -- -- Sergio Belkin http://www.sergiobelkin.com Watch More TV http://sebelk.blogspot.com LPIC-2 Certified - http://www.lpi.org