Cache module to save user password?
Enrique Sainz Baixauli
enriquesainz.beca at intef.educacion.es
Wed Oct 15 13:16:52 CEST 2014
Hello there,
I have a freeradius server for testing running v3.0.3, and I had a config
where the server read the user details from an LDAP server and cached it to
avoid future searches for the same user. I am pretty sure it used to work
when I finally configured it, and without any changes or updates it just
stopped working.
Now, I can test any of the users in the database and it will send
Access-Accept the first time I test, but if I try again while the entry in
the cache is still there it will pop put "no known-good password for that
user".
My config for the auth section is as follows:
update control {
Cache-Status-Only := yes
}
cache
if (notfound) {
ldap
update control {
Cache-Status-Only := no
}
cache
}
While the update section of the cache module config is as follows:
control:LDAP-Group += control:LDAP-Group
control:Password-With-Header += control:Password-With-Header
(although I also tried with control:User-Password instead of
Password-With-Header)
So the thing is that, when the cache module finds an entry for the user, it
reads it (with Cache-Status-Only := yes, might that be the problem?) but
then it doesn't find a known-good password for that user. If it had read the
cache entry, I understand that it should be there.
Any help is appreciated. And any additional info will be provided if needed
:)
Best regards,
Enrique Sainz
More information about the Freeradius-Users
mailing list