27 Oct
2007
27 Oct
'07
12:57 p.m.
Ali Majdzadeh wrote:
Would you please tell me whether the scenario is correct or not? 1) We obtain the clear text password in the authorization section of our module. 2) We populate the request->config_items with the clear text password. 3) The CHAP module authenticates the user using the supplied clear text password.
Yes. But the clear text password you populate is NOT the same as the password entered by the user. So authentication fails. Alan DeKok.