Help with external authentication using PHP

Uchenna Nebedum nebeduch at gmail.com
Fri Apr 5 23:21:44 CEST 2019


Hi Ekene,
I think if you explain the entire scenario and what you're trying to
achieve, they'll be able to help.

 I currently have an external application connected to freeradius, but what
i do is entirely different.

 I authenticate users on the application separately, but i don't use the
password they provide as the radius password, it's generated with a formula
and SMD5-encrypted.

 something like usermac + last 2 letters of first name + last 4 digits of
phone number. Then salted and encrypted and stored in Freeradius.

Uchenna Nebedum

On Fri, Apr 5, 2019, 16:23 Ekene Ezeasor <ezeasorekene at gmail.com> wrote:

> Hi all,
>
> Please our users' password are encrypted using crypt() (blowfish) function
> in PHP. Now I want to use password_verify() to check the submitted password
> and I intend doing that in PHP. I have updated my authorize section to use
> the external PHP script like this:
>
> update control {
>       Auth-type := "/usr/bin/php -f
> /etc/freeradius/3.0/php/checkpassword.php %{User-Name} %{User-Password}"
>       &Proxy-To-Realm := LOCAL
>     }
>
> But only the username is sent to the external PHP file. The password is
> empty.
>
> We are already running a large database and it may not be easy to change to
> another encryption method. Therefore this is very important and we really
> need to implement it.
>
> Please can someone help. Thanks. Regards
>
>
>
> ___________________________
> Ekene Ezeasor
> IT Consultant,
> Codee Solutions
> *Phone*: 08063961963
> *Web*: www.codeeltd.com
> ------------------------------
>
> *DISCLAIMER NOTICE:*
> *This e-mail, any attachments thereto and response string is intended
> solely for the attention and use of the addressee(s) named herein and may
> contain legally privileged and/or confidential information. In the event
> that you are not the intended recipient(s) of this e-mail and any
> attachments thereto, be notified that any dissemination, distribution or
> copying of this e-mail and any attachments thereto, is strictly prohibited.
> If you have received or otherwise encountered this e-mail in error, please
> immediately notify the sender and permanently delete the e-mail, any
> attachments and response string as well as any copy printout in connection
> therewith.*
> ------------------------------
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html


More information about the Freeradius-Users mailing list