Multiple authendication from client using freeRadius server

Alexander Clouter alex at
Tue Jun 23 11:25:20 CEST 2009

kpani <dhandu_k at> wrote:
> I am using freeRadius server and JRadius client for my java application user
> authentication.
> I have a scenario for multiple authentication by user. 1) User will provide
> username 2) Radius server will authenticate and response access-challenge 3)
> The user will be prompted to enter password. This will continue for few more
> steps.
> I was advised to develop a custom authentication protocol. I am not sure if
> this is the only way. Please suggest me an idea or reference to implement
> this.
I think the 'ugly' usual way this is implemented is that you roll the 
password and challenge response into a single authentication request.

Those extortionately priced RSA keytabs do this by getting the user to 
send "<password><challenge-response>" concatinated together.

Of course this depends on:
 1) ability to send plain text password to RADIUS server (or plaintext 
	passwords being available on the RADIUS server)
 2) how the *user* effectively interacts with what is a fancy RADIUS 


Alexander Clouter
.sigmonster says: Who loves me will also love my dog.
                  		-- John Donne

More information about the Freeradius-Devel mailing list