Splitting the password field in freeRADIUS
Alan DeKok
aland at deployingradius.com
Wed Jan 24 08:21:41 CET 2007
Drumm, Daniel wrote:
> Is it possible to front end this type of server with FreeRADIUS, so that
> NAS-Clients can send a tokencode prepended to, say, a Kerberos password
> - and have the FreeRADIUS server forward the first 6 digits of the field
> to the RSA server for tokencode validation - and the remaining charcters
> to another RADIUS server, one that front-ends a Kerberos system? Only
> when both fields return true is the authentication true.
Yes, if you write a script to do this. But it won't be stable.
FreeRADIUS isn't set up to proxy one request to multiple places. In
general, it's not a good idea.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Users
mailing list