User authorize with Perl-Script
Oliver Werner
oliver.werner at kontrast.de
Tue Oct 30 14:40:35 CET 2012
Hello,
I'm useing FreeRADIUS in Version 2.1.10.
I would configure my Switch-Ports Mac-Based. When a Computer wired a Perl-Script should check the Username and gives VLAN back.
For a simple Test i don't have some conditions in the Script only outputs:
use strict;
use warnings;
use DBI;
### SwitchUser ###
my $pass = $ARGV[0];
print 'Access-Accept';
print 'Cleartext-Password := "'.$pass.'"';
exit 0;
my modules/exec looks here:
exec {
wait = yes
program = "/usr/bin/perl /usr/local/test.pl %{User-Name}"
input_pairs = request
output = reply
shell_escape = yes
}
and my sites-enabled/switch its this:
authorize {
exec
expiration
chap
}
authenticate {
chap
}
post-auth {
exec
}
When i wired with my PC Log Says following:
# Executing section authorize from file /etc/freeradius/sites-enabled/switchport
+- entering group authorize {...}
[php] expand: %{User-Name} -> aa:bb:cc:dd:ee:ff
Exec-Program output: Access-AcceptCleartext-Password := "aa:bb:cc:dd:ee:ff"
Exec-Program-Wait: plaintext: Access-AcceptCleartext-Password := "aa:bb:cc:dd:ee:ff"
Exec-Program: returned: 0
++[php] returns ok
++[expiration] returns noop
[chap] Setting 'Auth-Type := CHAP'
++[chap] returns ok
Found Auth-Type = CHAP
# Executing group from file /etc/freeradius/sites-enabled/switchport
+- entering group authenticate {...}
[chap] login attempt by "aa:bb:cc:dd:ee:ff" with CHAP password
[chap] Cleartext-Password is required for authentication
++[chap] returns invalid
Failed to authenticate the user.
} # server switchport
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Anyone knows what is wrong in my Configuration?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20121030/bb537ff6/attachment.html>
More information about the Freeradius-Users
mailing list