Digest auth with LDAP
Phil Mayers
p.mayers at imperial.ac.uk
Mon Jul 17 11:15:12 CEST 2006
Matt wrote:
> Hello,
>
> I have a problem with the users file. Indeed, if I write in this file :
>
> DEFAULT Auth-Type := digest
>
> I got this error "rlm_digest: Configuration item "User-Password" or
> Digest-HA1 is required for authentication."
Digest auth REQUIRES the plaintext password or digest HA1 attribute
(hence the message). If your LDAP directory doesn't contain these, you
will not be able to do digest auth with it.
>
> So I decided to put a Digest-HA1 attribute in the users file and the auth
> works :
>
> DEFAULT Auth-Type := digest, Digest-HA1 :=
> "409e2df0ac3a755199a8a91817bb87b8"
>
> But it's works of course only for my login. How to do this for different
> login?
The Digest-HA1 attribute is per-user - it's like the password crypt, but
different. You need each users plaintext password to generate it.
>
> Thank you for your help and sorry for my English!
> Sincerely,
> Matt
More information about the Freeradius-Users
mailing list