Unix TimeStamp Based Login
Efx Efx
ster.efx at gmail.com
Mon May 14 15:40:48 CEST 2012
Phil, I configured my freeradius server as in your example above ( It looks
like case letters doesn't make any difference in MySQL statements)
User is successfully authenticated because of radcheck table. Maybe I need
to reinstall freeradius server , because a month ago there was "Dialup
Admin" installed too. Radcheck sql statements runs from "dialup.conf" file.
*This is my table:*
CREATE TABLE `Resv` (
`Username` varchar(20) NOT NULL,
`Start-Time` int(11) NOT NULL,
`End-Time` int(11) NOT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
*This is my output:*
# Executing section authorize from file
/etc/freeradius/sites-enabled/default
+- entering group authorize {...}
sql_xlat
expand: %{User-Name} -> ieva
sql_set_user escaped user --> 'ieva'
expand: select Start_time from Resv where Username='%{User-Name}'
-> select Start_time from Resv where Username='ieva'
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql_mysql: MYSQL check_error: 1054 received
rlm_sql (sql): database query error, select Start_time from Resv where
Username='ieva': Unknown column 'Start_time' in 'field list'
rlm_sql (sql): Released sql socket id: 3
expand: %{sql:select Start_time from Resv where
Username='%{User-Name}'} ->
sql_xlat
expand: %{User-Name} -> ieva
sql_set_user escaped user --> 'ieva'
expand: select End_time from Resv where Username='%{User-Name}' ->
select End_time from Resv where Username='ieva'
rlm_sql (sql): Reserving sql socket id: 2
rlm_sql_mysql: MYSQL check_error: 1054 received
rlm_sql (sql): database query error, select End_time from Resv where
Username='ieva': Unknown column 'End_time' in 'field list'
rlm_sql (sql): Released sql socket id: 2
expand: %{sql:select End_time from Resv where
Username='%{User-Name}'} ->
expand: %l -> 1337002345
++[request] returns notfound
++? if (Resv-Cur-Time < Resv-Start-Time)
Failed parsing "Resv-Start-Time": Unknown value Resv-Start-Time for
attribute Resv-Cur-Time
++? if (Resv-Cur-Time > Resv-End-Time)
Failed parsing "Resv-End-Time": Unknown value Resv-End-Time for attribute
Resv-Cur-Time
expand: %{Resv-End-Time} - %{Resv-Cur-Time} -> 0 - 1337002345
expand: %{expr:%{Resv-End-Time} - %{Resv-Cur-Time}} -> -1337002345
++[reply] returns notfound
++[preprocess] returns ok
[auth_log] expand:
/var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d ->
/var/log/freeradius/radacct/172.16.83.51/auth-detail-20120514
[auth_log]
/var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands
to /var/log/freeradius/radacct/172.16.83.51/auth-detail-20120514
[auth_log] expand: %t -> Mon May 14 16:32:25 2012
++[auth_log] returns ok
[sql] expand: %{User-Name} -> ieva
[sql] sql_set_user escaped user --> 'ieva'
rlm_sql (sql): Reserving sql socket id: 1
[sql] expand: SELECT id, username, attribute, value, op FROM
radcheck WHERE username = '%{SQL-User-Name}' ORDER BY
id -> SELECT id, username, attribute, value, op FROM
radcheck WHERE username = 'ieva' ORDER BY id
[sql] User found in radcheck table
[sql] expand: SELECT id, username, attribute, value, op FROM
radreply WHERE username = '%{SQL-User-Name}' ORDER BY
id -> SELECT id, username, attribute, value, op FROM
radreply WHERE username = 'ieva' ORDER BY id
rlm_sql (sql): Released sql socket id: 1
++[sql] returns ok
++[expiration] returns noop
++[logintime] returns noop
rlm_checkval: Item Name: Calling-Station-Id, Value: 10.0.0.1
rlm_checkval: Could not find attribute named Calling-Station-Id in check
pairs
++[checkval] returns notfound
++[pap] returns updated
Found Auth-Type = PAP
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group PAP {...}
[pap] login attempt with password "ieva"
[pap] Using clear text password "ieva"
[pap] User authenticated successfully
++[pap] returns ok
# Executing section post-auth from file
/etc/freeradius/sites-enabled/default
+- entering group post-auth {...}
[sql] expand: %{User-Name} -> ieva
[sql] sql_set_user escaped user --> 'ieva'
[sql] expand: %{User-Password} -> ieva
[sql] expand: INSERT INTO radpostauth
(username, pass, reply, authdate) VALUES
( '%{User-Name}',
'%{%{User-Password}:-%{Chap-Password}}',
'%{reply:Packet-Type}', '%S') -> INSERT INTO
radpostauth (username, pass, reply,
authdate) VALUES (
'ieva', 'ieva',
'Access-Accept', '2012-05-14 16:32:25')
rlm_sql (sql) in sql_postauth: query is INSERT INTO
radpostauth (username, pass, reply,
authdate) VALUES (
'ieva', 'ieva',
'Access-Accept', '2012-05-14 16:32:25')
rlm_sql (sql): Reserving sql socket id: 0
rlm_sql (sql): Released sql socket id: 0
++[sql] returns ok
[sql_log] Processing sql_log_postauth
[sql_log] expand: %{User-Name} -> ieva
[sql_log] expand: %{%{User-Name}:-DEFAULT} -> ieva
[sql_log] sql_set_user escaped user --> 'ieva'
[sql_log] WARNING: Deprecated conditional expansion ":-". See "man unlang"
for details
[sql_log] expand: INSERT INTO radpostauth
(username, pass, reply, authdate) VALUES
('%{User-Name}', '%{User-Password:-Chap-Password}',
'%{reply:Packet-Type}', '%S'); -> INSERT INTO
radpostauth (username, pass, reply, authdate)
VALUES ('ieva', 'ieva',
'Access-Accept', '2012-05-14 16:32:25');
[sql_log] expand: /var/log/freeradius/radacct/sql-relay ->
/var/log/freeradius/radacct/sql-relay
++[sql_log] returns ok
++[exec] returns noop
On Mon, May 14, 2012 at 3:39 PM, Efx Efx <ster.efx at gmail.com> wrote:
> Thank you Phil!
>
> I will try!
>
>
>
> On Mon, May 14, 2012 at 3:25 PM, Phil Mayers <p.mayers at imperial.ac.uk>wrote:
>
>> On 14/05/12 12:09, jomajo wrote:
>>
>>> Hello Phil. Ofcourse it is not! I don't know (other people) but if they
>>> know
>>> any helpful information related with this, please let me know.
>>>
>>
>> Ah, sorry, I'm confused - you're the same person!
>>
>>
>>
>>> Can you share more information about Matthew lab ? How he's reserving a
>>> time
>>> slot and authenticating users with freeradius?
>>>
>>> This information would be really helpful, because I'm tying to achieve
>>> this
>>> too
>>>
>>
>> So, in brief, you want something like this:
>>
>> Let's say you have an SQL table:
>>
>> username string, start_time integer, end_time integer
>>
>> ...and the start/end times are unix seconds-since-epoch. You could
>> implement this as follows.
>>
>> First, create three local attributes in raddb/dictionary:
>>
>> ATTRIBUTE Resv-Start-Time 3010 integer
>> ATTRIBUTE Resv-End-Time 3011 integer
>> ATTRIBUTE Resv-Cur-Time 3012 integer
>>
>> Second, write an "unlang" policy in your virtual server like so:
>>
>> authorize {
>> ...
>> update request {
>> Resv-Start-Time := "%{sql:select start_time from resv where
>> username='%{User-Name}'}"
>> Resv-End-Time := "%{sql:select end_time from resv where
>> username='%{User-Name}'}"
>> Resv-Cur-Time := "%l"
>> }
>>
>> if (Resv-Cur-Time < Resv-Start-Time) {
>> reject
>> update reply {
>> Reply-Message := "your slot has not yet started"
>> }
>> }
>>
>> if (Resv-Cur-Time > Resv-End-Time) {
>> reject
>> update reply {
>> Reply-Message := "your slot has finished"
>> }
>> }
>>
>> # you probably want to set the Session-Timeout so they get kicked off
>> update reply {
>> Session-Timeout := "%{expr:%{Resv-End-Time} - %{Resv-Cur-Time}}"
>> }
>>
>> ...
>> }
>>
>> Hopefully it's clear what this does, and how it works.
>>
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/**
>> list/users.html <http://www.freeradius.org/list/users.html>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120514/1d3f98ad/attachment-0001.html>
More information about the Freeradius-Users
mailing list