mysql authentication doesn't work
???????, ?? ????????
const at one.lv
Tue Mar 7 10:27:30 CET 2006
in radiusd.conf:
authorize {
auth_log
sql
}
authenticate {
}
in sql.conf:
sql_user_name = "%{Calling-Station-Id}"
authorize_check_query = "SELECT id, UserName, Attribute, Value, op \
FROM ${authcheck_table} \
WHERE UserName = '%{SQL-User-Name}' AND User='%{User-Name}' \
ORDER BY id"
/usr/local/sbin/radiusd -X show me:
Listening on authentication XXX.XX.XX.XX:1812
Listening on accounting XXX.XX.XX.XX:1813
Ready to process requests.
rad_recv: Access-Request packet from host XXX.XX.XX.XX:1812, id=190, length=117
NAS-Identifier = "mynas2"
User-Name = "test"
User-Password = "testpass"
NAS-IP-Address = XXX.XX.XX.XX
NAS-Port-Type = Virtual
Called-Station-Id = "1000"
Calling-Station-Id = "3339999999"
Acct-Session-Id = "d45d6126058adce5"
Acct-Multi-Session-Id = "d45d612600010610"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
radius_xlat: '/usr/local/var/log/radius/radacct/auth-detail.log'
rlm_detail: /usr/local/var/log/radius/radacct/auth-detail.log expands to /usr/local/var/log/radius/radacct/auth-detail.log
modcall[authorize]: module "auth_log" returns ok for request 0
radius_xlat: '3339999999'
rlm_sql (sql): sql_set_user escaped user --> '3339999999'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE UserName = '3339999999' AND User='test' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 4
radius_xlat: ''
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radreply WHERE UserName = 'secondtest' ORDER BY id'
radius_xlat: ''
rlm_sql (sql): Released sql socket id: 4
rlm_sql (sql): No matching entry in the database for request from user [3339999999]
modcall[authorize]: module "sql" returns notfound for request 0
modcall: leaving group authorize (returns ok) for request 0
auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
auth: Failed to validate the user.
Login incorrect: [test/testpass] (from client mynas2 port 0 cli 3339999999)
Sending Access-Reject of id 190 to XXX.XX.XX.XX port 1812
Finished request 0
So, select from database:
mysql> SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE UserName = '3339999999' AND User='test' ORDER BY id;
+-----+------------+-------------------+--------+----+
| id | UserName | Attribute | Value | op |
+-----+------------+-------------------+--------+----+
| 1 | 3339999999 | Auth-Type | Accept | := |
| 37 | 3339999999 | User-Password | 378b243e220ca493 | == |
| 73 | 3339999999 | User-Name | test | == |
| 109 | 3339999999 | Called-Station-Id | 1000 | == |
+-----+------------+-------------------+--------+----+
4 rows in set (0.58 sec)
------------------------------------
As I understand, radius cannot understand crypted "User-Password" (by mysql function "password"). Is it possible to slide over it? How to do it, can someone give advice?
-------------------------------------------------------------------------------
http://www.one.lv - Tavs mobilais e-pasts!
Tagad lasi savu e-pastu ar mobilo telefonu - wap.one.lv!
More information about the Freeradius-Users
mailing list