Adding Cleartext-Password for EAP requests (new module development)
Suneth Kariyawasam
sunethnk at gmail.com
Wed Aug 11 15:57:27 CEST 2021
Hi Alan,
Thank you for the swift response,
During authorization, my module knows the Cleartext-Password user has
submitted to send towards OpenIAM, Is there a way to add that to the
request.
Suneth.
On Wed, Aug 11, 2021 at 7:24 PM Alan DeKok <aland at deployingradius.com>
wrote:
> On Aug 11, 2021, at 9:51 AM, Suneth Kariyawasam <sunethnk at gmail.com>
> wrote:
> >
> > I am trying to develop a freeradius module for authorization with OpenIAM
> > and the module works fine with PAP and EAP-TTLS with PAP. Is there a way
> to
> > decode the EAP packet and access the User-Password attributes within the
> > mod_authorize method of my module or using an unlang policy?
>
> No. It's impossible.
>
> > Currently, EAP-TTLS wth PAP only woks because when the request is
> tunneled
> > eap_ttls copy all attributes but with MS-CHAP and others are not working
> > due to missing Cleartext-Password.
>
> Yes. It's impossible to get the clear-text password from MS-CHAP.
>
> Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/devel.html
More information about the Freeradius-Devel
mailing list