Username with spaces (MySQL)
Hi everybody. I'm using freeradius to log many wireless user, It works great. I have a MySQL table working with freeradius, and I use some SQL_counters to control the "timeup" of my users (based on the raddacct table of the database); everything work great, but I only have a problem: Using a captive portal the user "USER1" can login wirh he freeradius server and it record the event int the raddacct table. If anohter user wants to user the same username "USER1" he can't login (I'm using the simultaneus SQL script). But if an other user use the usrname "USER1 " and he puts some "spaces" after the username, HE CAN LOGIN! So I have many users using the same username putting one, two, three, ...etc., spaces after the username. How can I solve this situation? May be with a SQL query that ignores the spaces in the username? (talking about the sql counters) Thanks a lot!!! regards, Andrés
On Wed, 2013-04-17 at 22:03 -0500, Andres Gomez Ruiz wrote:
So I have many users using the same username putting one, two, three, ...etc., spaces after the username.
How can I solve this situation? May be with a SQL query that ignores the spaces in the username? (talking about the sql counters)
Not really a RADIUS question, but this is default behaviour for MySQL. Convert the VARCHAR Field to binary or use TRIM() for the counters. Regards, Wilco Baan Hofman
You can add if ("%{User-Name}" =~ / /) { reject } at the start of the authorize section. This rule will reject user(s) in case they add blank spaces before or after the username... On 18.4.2013 9:47, Wilco Baan Hofman wrote:
On Wed, 2013-04-17 at 22:03 -0500, Andres Gomez Ruiz wrote:
So I have many users using the same username putting one, two, three, ...etc., spaces after the username.
How can I solve this situation? May be with a SQL query that ignores the spaces in the username? (talking about the sql counters)
Not really a RADIUS question, but this is default behaviour for MySQL. Convert the VARCHAR Field to binary or use TRIM() for the counters.
Regards,
Wilco Baan Hofman
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
You can add
if ("%{User-Name}" =~ / /) { reject }
at the start of the authorize section.
This rule will reject user(s) in case they add blank spaces before or after the username...
invoke a policy. there are examples and usable methods already in policy.conf (2.x) and policy.d/* (3.x) - eg filter_username that you can use/modify. note that the above example quoted wont do what you expect...it will reject ANY user-name that contains a space anywhere - you may need to use some more regex to match whether space is at the END or BEGINNING of the attribute eg (quick, nasty example) if ( ("%{User-Name}" =~ / $/) || ("%{User-Name}" =~ /^ /) ){ reject } note...i said quick nasty example. this isnt the best regex. ;-) alan
Hi.... I had same trouble.. in version 1.x of radius.. and had to did queries like above with regex... but for luck in the new version 2.x just have to enable the policy.conf in the authorization module.. and your problem will be solve regards. 2013/4/18 <A.L.M.Buxey@lboro.ac.uk>
Hi,
You can add
if ("%{User-Name}" =~ / /) { reject }
at the start of the authorize section.
This rule will reject user(s) in case they add blank spaces before or after the username...
invoke a policy. there are examples and usable methods already in policy.conf (2.x) and policy.d/* (3.x) - eg filter_username that you can use/modify.
note that the above example quoted wont do what you expect...it will reject ANY user-name that contains a space anywhere - you may need to use some more regex to match whether space is at the END or BEGINNING of the attribute eg (quick, nasty example)
if ( ("%{User-Name}" =~ / $/) || ("%{User-Name}" =~ /^ /) ){ reject }
note...i said quick nasty example. this isnt the best regex. ;-)
alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- Antonio Peña Secure email with PGP 0x8B021001 available at http://pgp.mit.edu Fingerprint: 74E6 2974 B090 366D CE71 7BB2 6476 FA09 8B02 1001
Thanks a lot guys! Both methods work. Finally I used the regex in the Authorize section. Best regards. Andrés
Hi Guys, I have another Cuestion. How can I convert the username to UPPERCASE in the authorization section? Or how can I Authorize only the Username wittren in UPPERCASE? Thanks 2013/4/19 Andres Gomez Ruiz <andres.gomez@urbalink.co>
Thanks a lot guys!
Both methods work. Finally I used the regex in the Authorize section.
Best regards. Andrés
-- * **C. Andres *
participants (5)
-
A.L.M.Buxey@lboro.ac.uk -
Andres Gomez Ruiz -
Marinko Tarlać -
Tony Peña -
Wilco Baan Hofman