OK
we are proposing a lightweight WLAN roaming architecture. This means that we implement a roaming architecture for a small community. The scenario is
Client-->AP-->foreign server -->Home server and so on...
All this is done using EAP-MD5 authentication (only this authentication scheme) and mysql for keeping user profiles.
The idea is to minimize the lenght of packets in order to provide faster roaming. So what is proposed is to make some attributes have fixed length : User-Name and Password. I must inform you that i dont know exactly the backgroung of this "idea" but the description i give you is the description i got...I believe that using fixed length usernames derives from the fact that a small community has few members so we dont need 253 octets for representing this field...
So what i want is users to provide a 15 octet username and a 32 octet password and radius server have the exact length in its packets for these attributes.
I havent searched yet about how EAP passes the password.I "know" the procedure but i havent read yet the rfcs...
thanks
From: "Alan DeKok" <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: Source code Date: Tue, 30 Nov 2004 17:54:51 -0500
"Panagiotis Mavros" <[EMAIL PROTECTED]> wrote: > Sorry to bother you but it seems that i havent make my self clear about > what i want to do.
Details help a lot. So far, you've been resisting providing details.
> User-Name and Password attributes MUST be EXACT 15 and 32 octets > long(15 for username and 32 for pass).
You said you were using EAP-MD5. There is NO "password" attribute in EAP-MD5 requests. None.
> Ok i know that this sounds crazy and that nobody would ever want something
> like that, but this is what i have to implement....
Could you explain why? From everything you've said, it sounds to me like whoever created the requirements doesn't understand RADIUS.
Rather than asking how to implement the decisions you've made, please describe WHY those decisions were made. Saying "you have to implement them" doesn't help.
> And the problem is that i dont know if EAP-MD5 authentication wil cause > problem when using a fixed length password
It won't. The password length doesn't matter to anything.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
