Mysql Authentication

Thu Jul 6 20:16:08 CEST 2006

It was actually much more of a basic problem - dialupadmin uses crypt
passwords by default and the default radius configuration looks for
clear text.

Thanks,
Max

On 7/6/06, Francois-Xavier GAILLARD <fx.gaillard at thefox.com.fr> wrote:
> Le Thu, Jul 06, 2006 at 10:48:03AM -0700, Max Clark ecrivait:
> > Hi all,
> >
> > We are migrating from an old installation of Radiator onto Freeradius.
> > Local test accounts work fine, however I am getting an error on mysql
> > based authentication. I am sure I'm missing something basic, here is
> > the output from the radiusd process.
> >
> > Thanks,
> > Max
> >
> > Ready to process requests.
> > rad_recv: Access-Request packet from host 127.0.0.1:59269, id=53, length=75
> >        User-Name = "cisp1 at foo.com"
> >        User-Password = "testdial"
> >        NAS-IP-Address = 255.255.255.255
> >        NAS-Port = 1812
> >  Processing the authorize section of radiusd.conf
> > modcall: entering group authorize for request 0
> >  modcall[authorize]: module "preprocess" returns ok for request 0
> >  modcall[authorize]: module "chap" returns noop for request 0
> >  modcall[authorize]: module "mschap" returns noop for request 0
> >    rlm_realm: Looking up realm "foo.com" for User-Name = "cisp1 at foo.com"
> >    rlm_realm: Found realm "foo.com"
> >    rlm_realm: Proxying request from user cisp1 to realm foo.com
> >    rlm_realm: Adding Realm = "foo.com"
> >    rlm_realm: Authentication realm is LOCAL.
> >  modcall[authorize]: module "suffix" returns noop for request 0
> >  rlm_eap: No EAP-Message, not doing EAP
> >  modcall[authorize]: module "eap" returns noop for request 0
> >    users: Matched entry DEFAULT at line 152
> >  modcall[authorize]: module "files" returns ok for request 0
> > radius_xlat:  'cisp1 at foo.com'
> > rlm_sql (sql): sql_set_user escaped user --> 'cisp1 at foo.com'
> > radius_xlat:  'SELECT id, UserName, Attribute, Value, op
> > FROM radcheck           WHERE Username = 'cisp1 at foo.com'
> > ORDER BY id'
> > rlm_sql (sql): Reserving sql socket id: 4
> > radius_xlat:  'SELECT
> > radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
> > FROM radgroupcheck,usergroup WHERE usergroup.Username =
> > 'cisp1 at foo.com' AND usergroup.GroupName = radgroupcheck.GroupName
> > ORDER BY radgroupcheck.id'
> > radius_xlat:  'SELECT id, UserName, Attribute, Value, op
> > FROM radreply           WHERE Username = 'cisp1 at foo.com'
> > ORDER BY id'
> > radius_xlat:  'SELECT
> > radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
> > FROM radgroupreply,usergroup WHERE usergroup.Username =
> > 'cisp1 at foo.com' AND usergroup.GroupName = radgroupreply.GroupName
> > ORDER BY radgroupreply.id'
> > rlm_sql (sql): Released sql socket id: 4
> >  modcall[authorize]: module "sql" returns ok for request 0
> > modcall: leaving group authorize (returns ok) for request 0
> >  rad_check_password:  Found Auth-Type System
> > auth: type "System"
> >  ERROR: Unknown value specified for Auth-Type.  Cannot perform
> > requested action.
> > auth: Failed to validate the user.
> > Delaying request 0 for 1 seconds
> > Finished request 0
> > Going to the next request
> > --- Walking the entire request list ---
> > Waking up in 1 seconds...
> > --- Walking the entire request list ---
> > Waking up in 1 seconds...
> > --- Walking the entire request list ---
> > Sending Access-Reject of id 53 to 127.0.0.1 port 59269
> > Waking up in 4 seconds...
> > --- Walking the entire request list ---
> > Cleaning up request 0 ID 53 with timestamp 44ad4ca3
>
> Set Auth-Type to Local in your database.
>
>
> Regards,
> Fox.
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.3 (GNU/Linux)
>
> iD8DBQFErVLawy/AUbta0EwRAvs8AJ98378eVPhgACk4Vf+VQbKtVR18KwCffZEC
> jDVkpNGWQnzBG+W80ofMlwg=
> =a1AQ
> -----END PGP SIGNATURE-----
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>

-- 
 Max Clark
 http://www.clarksys.com