$75.00 USD Bounty
Craig Campbell
craig.campbell at ccraft.ca
Mon Mar 21 14:54:46 CET 2011
Hi Craig,
Craig here too...
I am not very knacky with PERL, but I can tell you what you need to know.
1. in the file file users you will need a line like,
DEFAULT Auth-Type := Accept
Exec-Program-Wait = "/usr/local/sbin/auth -X -U -- %{User-Name} %{User-Password} %{%{Called-Station-Id}:-Missing} %{%{NAS-IP-Address}:-Missing} %{%{Calling-Station-Id}:-Missing} %{%{NAS-Port-Type}:-Missing} %{Vendor-Specific}" ,
Fall-Through = no
Where /usr/local/sbin/auth is your perl authorization script.
You may either pass the authentication request parameters via command line as in the example above, or they may be collected from environmental variables. Note the '-' characters are replaced with '_' characters in the environmental variable names. The -X and -U are specific to MY auth program. The '--' denotes an end to command line switches. The Parameter substitution for some variables ensures the word "Missing" in the event a value pair variable is not defined. (Again just for the needs of my script.)
Beware: There is a line length limit - much longer than this and you should use the environmental variable option to collect the parameters. The example above EVOLVED form ancient radius software. I'd likely drop the command line parameters entirely if I was writing it fresh today.
2. The auth script MUST return a return code == 0 (zero) for success. Non zero and authentication is denied.
3. stdout from the auth script should be any value pairs you wish returned to the NAS. (From memory) these value pairs need to be comma,' separated. Returning an INVALID value pair for the NAS results in NO value pairs being returned and the stdout becomes a log message as I recall - very misleading. I suggest you test by adding 1 value pair at a time to the successful logins.
There's my 5 minute memory dump.
Hope it helps,
-craig
----- Original Message -----
From: Craig Smith
To: freeradius-users at lists.freeradius.org
Sent: Monday, March 21, 2011 8:14 AM
Subject: $75.00 USD Bounty
Good Morning!
I will pay $75.00 USD (via PayPal) to the first person who can send me the documentation and working configuration files for external authentication using a PHP script.
Thanks,
Craig
------------------------------------------------------------------------------
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
__________ Information from ESET Smart Security, version of virus signature database 5970 (20110321) __________
The message was checked by ESET Smart Security.
http://www.eset.com
--------------------------------------------------------------------------------
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
__________ Information from ESET Smart Security, version of virus signature database 5970 (20110321) __________
The message was checked by ESET Smart Security.
http://www.eset.com
__________ Information from ESET Smart Security, version of virus signature database 5970 (20110321) __________
The message was checked by ESET Smart Security.
http://www.eset.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20110321/c43cab23/attachment.html>
More information about the Freeradius-Users
mailing list