24 Apr
2013
24 Apr
'13
10:47 a.m.
Mehdi Ravanbakhsh wrote:
how i could check case insensitive password for user..
You don't.
and it is better if i could limit this kind of password check for some nas-ip-adress.
Write "unlang" rules to do that.
which part of config file should be modified for this problem?
Write a policy: if (User-Password) { update request { User-Password := "%{tolower:%{User-Password}}" } } This will force all passwords to lowercase. They will need to be in the database as lowercase. Or, edit your database queries to do case-insensitive checks. In general, this is a very bad idea. It's insecure. Alan DeKok.