I’ve cleared my default file a bit. I think these are the needed lines: authorize { exec } # Authentication. authenticate { exec } Now here’s my PHP script: <?php if ($argv[1] == 'testing' && $argv[2] == 'password') { echo "Accept"; return (0); } else echo "REJECT"; exit(2); ?> When I try to make a request this is the debug output: (0) authorize { (0) exec: Executing: /usr/bin/php -f /usr/local/auth.php %{User-Name} %{User-Password}: (0) exec: EXPAND %{User-Name} (0) exec: --> testing (0) exec: EXPAND %{User-Password} (0) exec: --> password (0) exec: Program returned code (0) and output 'Accept' (0) exec: Program executed successfully (0) [exec] = ok (0) } # authorize = ok (0) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (0) Failed to authenticate the user It seems like the returned value of my PHP script is incorrect?
Am 21.07.2016 um 23:16 schrieb Matthew Newton <mcn4@leicester.ac.uk>:
On Thu, Jul 21, 2016 at 09:01:57PM +0000, Janis Heller wrote:
Since RADIUS don’t support bcrypt() hashed passwords this isn’t possible. That’s why I choose this way.
If you're using a BSD system then you can use FreeRADIUS. Otherwise just watch the system doesn't get too slow doing authentications.
Any idea what’s my fault. It seems like PAP is active, I already put a # before the line of PAP.
Did you try anything I suggested?
Matthew
-- Matthew Newton, Ph.D. <mcn4@leicester.ac.uk>
Systems Specialist, Infrastructure Services, I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
For IT help contact helpdesk extn. 2253, <ithelp@le.ac.uk> - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html