Check for Certificate AND Username

Wolfgang Burger burgerw at immunbio.mpg.de
Fri Sep 14 17:24:04 CEST 2007


>> Wolfgang Burger wrote:
>> But how can i achieve the following:
>> - Client sends certificate and Username/Password (done)
>> - freeradius checks for valid certificate (done)
>> - freeradius ADDITIONALLY checks Username/Password with another
>> Radius-Server.
> Alan DeKok wrote:
>   That can't really be done with the server today.
>   But why do you want to do that?

That is most likely the answer that i have expected the least. But, of 
course, thank you for your reply.

Well, there is another Radius-Server (DRAS, running under VMS, 
controlled by someone else) where all the users are listet.
I just thougt it would be very nice to check for a username/password, 
to make sure that noone gives away his certificate in any way.
And, and this is more important, it is possible that someone is blocked 
on the other server but still has a valid certificate.
By proxing the request, that user would be blocked.
Any other idea how to do this?

Wolfgang Burger



More information about the Freeradius-Users mailing list