$75.00 USD Bounty
Phil Mayers
p.mayers at imperial.ac.uk
Mon Mar 21 17:48:19 CET 2011
On 21/03/11 12:14, Craig Smith wrote:
> Good Morning!
>
> I will pay $75.00 USD (via PayPal) to the first person who can send me
> the documentation and working configuration files for external
> authentication using a PHP script.
Well, your question is not as simple as you imagine; you haven't defined
which authentication method(s) (PAP, CHAP, EAP) you want to handle, and
how you want to determine success or failure
If you want to handle CHAP/EAP or something else using
challenge/response; don't. You won't be able to do this in an external
script.
Assuming it's PAP or something else similar which doesn't involve any
challenge/response (e.g. macauth) you simply do the following:
/etc/raddb/modules/my_exec:
exec my_exec {
program = "/..."
wait = yes
input_pairs = request
output_pairs = reply
}
/etc/raddb/sites-enabled/default:
authorize {
...
my_exec
if (ok) {
update control {
Auth-Type := Accept
}
}
...
}
...then write your script. It will receive
User-Name=x
Other-Attr=y
...on stdin. You can print out reply variables on stdout:
Reply-Message="some string"
Vendor-Vlan=1234
...and you return exit codes as demonstrated in scripts/exec-program-wait.
I don't code in PHP so can't give you an example of the script.
More information about the Freeradius-Users
mailing list