2011/5/27 Phil Mayers <p.mayers@imperial.ac.uk>:
The Idea is:
* client connects to XMPP server * client sends uid/radiusPassword (see below) * XMPP server sends MSChapv2 request * radius server replies with yes/no
Interesting. Since the client is sending user/password, why do you want to translate that to an MSCHAP request?
Well, I don't know really but there was a plugin from jradius that could do that, but as I said is somewhat dated
radiusPassword is an attribute alternative that we created instead userPassword. We use it instead of userPassword which is used for mail and intranet access.
This is an attribute where? In a radius packet?
Is an ldap attribute and AFAIK is a checkiTem, I have the following in ldap.attrmap: checkItem Cleartext-Password radiusPassword
I was testing openfire but it can't choose the attribute, only uses userPassword, and has a radius plugin a bit outdated...
Have you tried PAM and pam_radius? -
No yet :) -- -- Sergio Belkin http://www.sergiobelkin.com Watch More TV http://sebelk.blogspot.com LPIC-2 Certified - http://www.lpi.org