Freeradius MYSQL Multiuser Access-Accept

Chris Knipe savage at savage.za.org
Thu Feb 4 22:04:37 CET 2016


On Thu, Feb 4, 2016 at 10:52 PM, Scott Lambert <lambert at lambertfam.org>
wrote:

> On Thu, Feb 04, 2016 at 02:43:20PM -0500, Alan DeKok wrote:
> > On Feb 4, 2016, at 2:22 PM, Adem Darguner <adarguner at gmail.com> wrote:
> > > I want to accept multiple password on the same user on MYSQL. Do you
> have
> > > any solutions?  Please tell me a solutions.Please.
> >
> >   You can't.  You need another solution.
>
> You can.  It's a bad idea, but FreeRADIUS is flexible enough.  It is
> much better to use huntgroups or realms to differentiate between users
> with the "same" username.
>


Provided passwords are stored in clear text, you can just introduce another
table, and combine the passwords in the WHERE clauses together with the
username?  Will most definitely work for PAP at the very least.

Just an untested example from the top of my head....
SELECT radcheck.UserName, radcheck.Attribute, radcheck.Value, radcheck.Op
FROM radcheck LEFT JOIN myUsers on radcheck.UserName=myUsers.Username WHERE
myUsers.Username = whatever and myUsers.Password = {cleartext-password}

SQL is very flexible, and there are a *lot* of ways that this can be done.
As is rlm_perl too, yes.


More information about the Freeradius-Users mailing list