Problem with spaces in usernames.
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Wed Jan 29 18:02:09 CET 2014
On 29 Jan 2014, at 16:44, Maciej Milewski <milu at dat.pl> wrote:
> Wed Jan 29 17:20:58 2014 : Debug: %{tolower:%{User-Name}}
> Wed Jan 29 17:20:58 2014 : Debug: Parsed xlat tree:
> Wed Jan 29 17:20:58 2014 : Debug: xlat: tolower
> Wed Jan 29 17:20:58 2014 : Debug: {
> Wed Jan 29 17:20:58 2014 : Debug: attribute: User-Name
> Wed Jan 29 17:20:58 2014 : Debug: {
> Wed Jan 29 17:20:58 2014 : Debug: ref 2
> Wed Jan 29 17:20:58 2014 : Debug: list 1
> Wed Jan 29 17:20:58 2014 : Debug: tag -128
> Wed Jan 29 17:20:58 2014 : Debug: }
> Wed Jan 29 17:20:58 2014 : Debug: }
> Wed Jan 29 17:20:58 2014 : Debug: (0) expand:
> "%{tolower:%{User-Name}}" -> 'a guest'
> Wed Jan 29 17:20:58 2014 : Debug: (0) ? if (User-Name !=
> "%{tolower:%{User-Name}}") -> TRUE
> Wed Jan 29 17:20:58 2014 : Debug: (0) if (User-Name !=
> "%{tolower:%{User-Name}}") {
> Wed Jan 29 17:20:58 2014 : Debug: (0) modsingle[authorize]: calling
> reject (rlm_always) for request 0
> Wed Jan 29 17:20:58 2014 : Debug: (0) modsingle[authorize]: returned
> from reject (rlm_always) for request 0
> Wed Jan 29 17:20:58 2014 : Debug: (0) [reject] = reject
> Wed Jan 29 17:20:58 2014 : Debug: (0) } # if (User-Name !=
> "%{tolower:%{User-Name}}") = reject
> Wed Jan 29 17:20:58 2014 : Debug: (0) } # filter_username
> filter_username = reject
> Wed Jan 29 17:20:58 2014 : Debug: (0) } # authorize = reject
Please just use -X, the extra info isn't useful..
There's a policy filter_username which does basic checks on incoming user names to make sure they look like NAIs.
if (User-Name != "%{tolower:%{User-Name}}") {
reject
}
Is the bit causing the trouble. Comment it out in filter_username, or comment out the call to filter_username, it's got nothing to do with the users file...
Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team
FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140129/4979a1ce/attachment-0001.pgp>
More information about the Freeradius-Users
mailing list