Authentication with Juniper SA

Mik J mikydevel at yahoo.fr
Sun Sep 16 10:09:36 CEST 2012


> De : Mik J <mikydevel at yahoo.fr>
> De : Fajar A. Nugraha <list at fajar.net>
>> 
>>  On Sun, Sep 16, 2012 at 7:00 AM, Mik J <mikydevel at yahoo.fr> wrote:
>>>  Hello,
>>> 
>>>  I don't know why I can't make my authentication working with 
> Juniper secure access
>>> 
>>>  I have a user
>>>  +----+----------+--------------------+------------+----+
>>>  | id | username | attribute          | value      | op |
>>>  +----+----------+--------------------+------------+----+
>>>  |  9 | t2       | Cleartext-Password | passsecret | == |
>>>  +----+----------+--------------------+------------+----+
>> 
>> Change the op to ":="
>> 
>> ... which you should've seen if you read the included doc/rlm_sql
>> 
> 
> Thank you for your answer Fajar, it helped although the authentication is not 
> fully functional.
> For now I'll read again the documentation.

So here's what the documentation says:

 ==   "Attribute == Value": As a check item, it matches if the named attribute is present in the request, AND has the given value.
=>>> In my case, I wanted to compare the password sent by the Juniper device to the entry in the radcheck table. If the login and password matches then the check is positive. So the documentation seems to say that it should work with "==" or I don't understand.

:=     "Attribute := Value": Always matches as a check item, and replaces in the configuration items any attribute of the same name.  If no         attribute of that name appears in the request, then this attribute is added.


More information about the Freeradius-Users mailing list