Jason Carr <jcarr@andrew.cmu.edu> wrote:
Against recommendations, I've added DEFAULT Auth-Type := EAP and the server still says it's trying to use local authentication. Does the server fall back to local if it doesn't know which method to use or if there's an error?
It uses Auth-Type = Local in one of two situations: a) There is a User-Password in the packet, AND there is a "known good" User-Password found in the configuration b) A configuration file tells it to use Auth-Type = Local. As I said in a previous message, the default configuration of the server DOES NOT use Auth-Type = Local for EAP. The ONLY reason it's happening is that your local configuration is telling it to. This is doubly true, now that you've forced Auth-Type to EAP, and it *still* doesn't work. The server does not have magic code inside of it to force Auth-Type = Local. YOU are setting it somewhere in a configuration. Go back, and read your configuration. Odds are that one of the things you put into SQL was Auth-Type = Local. If you still don't believe me, delete "sql" from the "authorize" section, and add a user & password to the "users" file. If you've configured EAP, then EAP *will* work. Alan DeKok.