Access-Reject in a php script

Patric patrict at bluebottle.com
Fri Oct 26 14:48:35 CEST 2007 

manIP wrote:
> hereunder is the output debug:
> rad_recv: Access-Request packet from host x.x.x.x:2658, id=49, length=58
>         User-Name = "xxx"
>         User-Password = "xxx"
>   Processing the authorize section of radiusd.conf
> modcall: entering group authorize for request 0
>   modcall[authorize]: module "preprocess" returns ok for request 0
>   modcall[authorize]: module "chap" returns noop for request 0
>   modcall[authorize]: module "mschap" returns noop for request 0
>     rlm_realm: Looking up realm "xxx" for User-Name = "xxx"
>     rlm_realm: No such realm "xxxx"
>   modcall[authorize]: module "suffix" returns noop for request 0
>   rlm_eap: No EAP-Message, not doing EAP
>   modcall[authorize]: module "eap" returns noop for request 0
> Exec-Program output:
> Exec-Program: returned: 2
> rlm_exec (myauth): External script failed
>   modcall[authorize]: module "myauth" returns fail for request 0
> modcall: leaving group authorize (returns fail) for request 0
> Finished request 0
> Going to the next request

For comparison sake here is my debug output (running on my modified code):

rad_recv: Access-Request packet from host xxx.xxx.xxx.xxx:xxxx, id=146, 
length=159
         Framed-Protocol = PPP
         User-Name = "xyz"
         User-Password = "123"
         NAS-Port-Type = Virtual
         NAS-Port = xxxxxxxx
         NAS-Port-Id = "x/x/x/xx.xx"
         Connect-Info = "AutoShaped"
         Service-Type = Framed-User
         NAS-IP-Address = xxx.xxx.xxx.xxx
         Proxy-State = 0x313938
   Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 9
   modcall[authorize]: module "preprocess" returns ok for request 9
   modcall[authorize]: module "chap" returns noop for request 9
   modcall[authorize]: module "mschap" returns noop for request 9
     rlm_realm: Looking up realm "myrealm.com" for User-Name = "xyz"
     rlm_realm: No such realm "myrealm.com"
   modcall[authorize]: module "suffix" returns noop for request 9
   rlm_eap: No EAP-Message, not doing EAP
   modcall[authorize]: module "eap" returns noop for request 9
     users: Matched entry DEFAULT at line 54
   modcall[authorize]: module "files" returns ok for request 9
radius_xlat:  'u:xyz'
radius_xlat:  'p:123'
Exec-Program output:
Exec-Program: returned: 0
rlm_exec (exec-radauth): External script rejected user
   modcall[authorize]: module "exec-radauth" returns reject for request 9
modcall: leaving group authorize (returns reject) for request 9
Invalid user: [xyz/123] (from client abcd port 123456789)
Sending Access-Reject of id 146 to xxx.xxx.xxx.xxx port xxxx
         Proxy-State = 0x313938
Finished request 9
Going to the next request

Obviously my changes make it different...

I would be very interested to find out what we are doing wrong, as I'm 
sure you can imagine I would much rather be running the official version 
of the code!

Thanks for all the time Alan, it is as always much appreciated

-- 

Q: I want to be a sysadmin.  What should I do?

A: Seek professional help.

----------------------------------------------------------------------
Get a free email account with anti spam protection.
http://www.bluebottle.com/tag/2

More information about the Freeradius-Users mailing list