Group checking - Radius AVP retrieval
Alan DeKok
aland at ox.org
Fri Oct 14 22:51:01 CEST 2005
<lenirsantiago at yahoo.com> wrote:
> These are mysql tables:
>
> +----+----------+-----------+----+----------+
> | id | UserName | Attribute | op | Value |
> +----+----------+-----------+----+----------+
> | 1 | Jhassell | Password | == | changeme |
Use := rather than ==. See the rlm_sql documentation.
> | 8 | 1000 | Auth-Type | := | Digest |
> +----+----------+-----------+----+----------+
This forces digest authentication, even if they don't use digest.
Don't set Auth-Type unless you REALLY know what you're doing.
> rad_recv: Access-Request packet from host xx.xx.xx.xx:33025, id=15,
> length=67
> User-Name = "1000 at xx.xx.xx.xx"
> Sip-Group = "Dialin2"
> Service-Type = Group-Check
> NAS-IP-Address = 127.0.0.1
> NAS-Port = 0
There's no User-password *or* digest attributes in the packet, so
you can't do PAP or digest authentication.
If you don't set Auth-type := Digest, it looks like it might work.
Alan DeKok.
More information about the Freeradius-Users
mailing list