Digest using an external database for the Password
Alan DeKok
aland at deployingradius.com
Tue Apr 30 14:36:29 CEST 2013
Mike Brennan wrote:
> From the previous e-mail I put the sql query in the inner-tunnel (this was
> confirmed by Alan), however, I think this maybe incorrect - I believe it
> should go in the default file (AM I CORRECT?)
(a) you can wander around making random changes to "fix" things, or
(b) you can understand what's going on.
It's not hard. And no, I'm not going to spoon-feed you. The answer
is in front of you. It's in the debug logs you posted. Have you read
them, looking for "inner-tunnel"?
> The other test fails - see the following two files:
> rfc4590_freeradius_debug and the radiusclient_rfc4590. The authentication
> fails, I suspect that the attributes passed seems to cause FreeRadius to
> reject the authentication. Not sure whether it is the client causing the
> trouble with erroneous setting of the attributes or whether Freeradius is
> interpreting them incorrectly
FreeRADIUS doesn't implement RFC 4590. So far as I've seen, no one
else does, either.
> It would be good to get to the bottom of the problem with using RFC 4590 -
> I hope the debug files help. In the debug some fields are set as removed -
> this is what I replaced sensitive information with.
What client are you using to generate the digest authentication?
Alan DeKok.
More information about the Freeradius-Users
mailing list