+ in Usernames?
Christian Meutes
christian.meutes at de.clara.net
Wed Oct 19 15:15:16 CEST 2005
Hello,
i want that an incoming request is always authenticated and should reply
with some attributes.
i have the following entry in my sql database in radcheck:
---
id UserName Attribute op Value
| 18 | +496925738971 at sip.claranet.de | Auth-Type | := | Accept
---
The incoming request looks like this:
---
Packet-Type = Access-Request
Wed Oct 19 14:42:17 2005
User-Name = "+496925738971 at sip.claranet.de"
Service-Type = Call-Check
NAS-IP-Address = 172.20.23.232
NAS-Port = 0
Client-IP-Address = 172.20.23.232
---
I dont know where the problem exists exactly, but the the radius.log says:
---
Wed Oct 19 14:36:16 2005 : Auth: Login incorrect:
[+496925738971 at sip.claranet.de/<no User-Password attribute>] (from client
test port 0)
---
radiusd -X output:
---
rad_recv: Access-Request packet from host 172.20.23.232:33352, id=212,
length=69
User-Name = "+496925738971 at sip.claranet.de"
Service-Type = Call-Check
NAS-IP-Address = 172.20.23.232
NAS-Port = 0
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
radius_xlat: '/var/log/radacct/172.20.23.232/auth-detail-20051019'
rlm_detail: /var/log/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /var/log/radacct/172.20.23.232/auth-detail-20051019
modcall[authorize]: module "auth_log" returns ok for request 0
modcall[authorize]: module "digest" returns noop for request 0
rlm_realm: No '%' in User-Name = "+496925738971 at sip.claranet.de",
looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "realmpercent" returns noop for request 0
rlm_realm: Looking up realm "sip.claranet.de" for User-Name =
"+496925738971 at sip.claranet.de"
rlm_realm: Found realm "sip.claranet.de"
rlm_realm: Adding Stripped-User-Name = "+496925738971"
rlm_realm: Proxying request from user +496925738971 to realm
sip.claranet.de
rlm_realm: Adding Realm = "sip.claranet.de"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "realmat" returns noop for request 0
rlm_realm: Request already proxied. Ignoring.
modcall[authorize]: module "realmraute" returns noop for request 0
radius_xlat: '+496925738971 at sip.claranet.de'
rlm_sql (sql): sql_set_user escaped user --> '+496925738971 at sip.claranet.de'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radcheck WHERE Username = '=2B496925738971 at sip.claranet.de'
ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 255
rlm_sql (sql): User +496925738971 at sip.claranet.de not found in radcheck
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username =
'=2B496925738971 at sip.claranet.de' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username =
'=2B496925738971 at sip.claranet.de' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): User +496925738971 at sip.claranet.de not found in radgroupcheck
rlm_sql (sql): User not found
rlm_sql (sql): Released sql socket id: 255
modcall[authorize]: module "sql" returns notfound for request 0
modcall: group authorize returns ok for request 0
auth: No authenticate method (Auth-Type) configuration found for the
request: Rejecting the user
auth: Failed to validate the user.
Login incorrect: [+496925738971 at sip.claranet.de/<no User-Password
attribute>] (from client test port 0)
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
rad_recv: Access-Request packet from host 172.20.23.232:33353, id=213,
length=69
User-Name = "+496925738971 at sip.claranet.de"
Service-Type = Call-Check
NAS-IP-Address = 172.20.23.232
NAS-Port = 0
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
modcall[authorize]: module "preprocess" returns ok for request 1
radius_xlat: '/var/log/radacct/172.20.23.232/auth-detail-20051019'
rlm_detail: /var/log/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /var/log/radacct/172.20.23.232/auth-detail-20051019
modcall[authorize]: module "auth_log" returns ok for request 1
modcall[authorize]: module "digest" returns noop for request 1
rlm_realm: No '%' in User-Name = "+496925738971 at sip.claranet.de",
looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "realmpercent" returns noop for request 1
rlm_realm: Looking up realm "sip.claranet.de" for User-Name =
"+496925738971 at sip.claranet.de"
rlm_realm: Found realm "sip.claranet.de"
rlm_realm: Adding Stripped-User-Name = "+496925738971"
rlm_realm: Proxying request from user +496925738971 to realm
sip.claranet.de
rlm_realm: Adding Realm = "sip.claranet.de"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "realmat" returns noop for request 1
rlm_realm: Request already proxied. Ignoring.
modcall[authorize]: module "realmraute" returns noop for request 1
radius_xlat: '+496925738971 at sip.claranet.de'
rlm_sql (sql): sql_set_user escaped user --> '+496925738971 at sip.claranet.de'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radcheck WHERE Username = '=2B496925738971 at sip.claranet.de'
ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 254
rlm_sql (sql): User +496925738971 at sip.claranet.de not found in radcheck
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username =
'=2B496925738971 at sip.claranet.de' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username =
'=2B496925738971 at sip.claranet.de' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): User +496925738971 at sip.claranet.de not found in radgroupcheck
rlm_sql (sql): User not found
rlm_sql (sql): Released sql socket id: 254
modcall[authorize]: module "sql" returns notfound for request 1
modcall: group authorize returns ok for request 1
auth: No authenticate method (Auth-Type) configuration found for the
request: Rejecting the user
auth: Failed to validate the user.
Login incorrect: [+496925738971 at sip.claranet.de/<no User-Password
attribute>] (from client test port 0)
Delaying request 1 for 1 seconds
Finished request 1
Going to the next request
Waking up in 1 seconds...
rad_recv: Access-Request packet from host 172.20.23.232:33352, id=212,
length=69
Sending Access-Reject of id 212 to 172.20.23.232:33352
--- Walking the entire request list ---
Waking up in 1 seconds...
rad_recv: Access-Request packet from host 172.20.23.232:33353, id=213,
length=69
Sending Access-Reject of id 213 to 172.20.23.232:33353
Waking up in 1 seconds...
--- Walking the entire request list ---
Either i have a problem with my authorize section or the username shouldnt
include an "+" i think.
Anybody with an idea?
kind regards,
-christian
More information about the Freeradius-Users
mailing list