Chap/Pap Authentication
Joseph Showalter
Tech at ekn.com
Fri Jan 18 22:14:33 CET 2013
On Jan 18, 2013, at 3:34 PM, Alan DeKok <aland at deployingradius.com> wrote:
> authorize {
> ...
>
> if (! "%{sql:SELECT ... }") {
> reject
> }
Can I use a userdefined variable in the select statement that the EXEC perl script returns:
I would like to use the User-Password below:
[evdoesn] expand: %{User-Name} -> 6064191111 at evdo.myawi.net
Exec-Program output: User-Password := 268435460102579521, CHAP-Password :="" , CHAP-Challenge :="" , Auth-Type := PAP
Exec-Program-Wait: value-pairs: User-Password := 268435460102579521, CHAP-Password :="" , CHAP-Challenge :="" , Auth-Type := PAP
Exec-Program: returned: 0
++[evdoesn] returns ok
Here is the relevant entry from the "default" file:
evdoesn (exec script/perl)
if (! "%{sql:SELECT username FROM 'radcheck' WHERE username=%{User-Name} AND value=%{User-Password} }") {
reject
}
update control {
Auth-Type := Accept
}
But it can't expand the %User-Password...
rlm_sql_postgresql: query: SELECT username FROM 'radcheck' WHERE username=6064191111 at evdo.myawi.net AND value=
rlm_sql_postgresql: Status: PGRES_FATAL_ERROR
rlm_sql_postgresql: Error syntax error at or near "'radcheck'"
rlm_sql_postgresql: Postgresql Fatal Error: [42601: SYNTAX ERROR] Occurred!!
Its not expanding the User-Password variable which was setup in EXEC.
>
> update control {
> Auth-Type := Accept
> }
> ...
> }
>
> It's that easy.
--
respectfully, Joseph / IT
[M] +1(606)477-7551 / tech at ekn.com
East Kentucky Network, LLC.
dba Appalachian Wireless
==============================
More information about the Freeradius-Users
mailing list