+ in Usernames?

Wed, 19 Oct 2005 06:20:25 -0700 

Hello,
i want that an incoming request is always authenticated and should reply with some attributes. 

i have the following entry in my sql database in radcheck:
---
 id   UserName                         Attribute       op   Value
| 18 | [EMAIL PROTECTED] | Auth-Type     | := | Accept
---

The incoming request looks like this:
---
Packet-Type = Access-Request
Wed Oct 19 14:42:17 2005
       User-Name = "[EMAIL PROTECTED]"
       Service-Type = Call-Check
       NAS-IP-Address = 172.20.23.232
       NAS-Port = 0
       Client-IP-Address = 172.20.23.232
---

I dont know where the problem exists exactly, but the the radius.log says:
---

Wed Oct 19 14:36:16 2005 : Auth: Login incorrect: 
[EMAIL PROTECTED]/<no User-Password attribute>] (from client 
test port 0)

---

radiusd -X output:
---

rad_recv: Access-Request packet from host 172.20.23.232:33352, id=212, 
length=69

       User-Name = "[EMAIL PROTECTED]"
       Service-Type = Call-Check
       NAS-IP-Address = 172.20.23.232
       NAS-Port = 0
 Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
 modcall[authorize]: module "preprocess" returns ok for request 0
radius_xlat:  '/var/log/radacct/172.20.23.232/auth-detail-20051019'

rlm_detail: /var/log/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d 
expands to /var/log/radacct/172.20.23.232/auth-detail-20051019

 modcall[authorize]: module "auth_log" returns ok for request 0
 modcall[authorize]: module "digest" returns noop for request 0

   rlm_realm: No '%' in User-Name = "[EMAIL PROTECTED]", 
looking up realm NULL

   rlm_realm: No such realm "NULL"
 modcall[authorize]: module "realmpercent" returns noop for request 0

   rlm_realm: Looking up realm "sip.claranet.de" for User-Name = 
"[EMAIL PROTECTED]"

   rlm_realm: Found realm "sip.claranet.de"
   rlm_realm: Adding Stripped-User-Name = "+496925738971"

   rlm_realm: Proxying request from user +496925738971 to realm 
sip.claranet.de

   rlm_realm: Adding Realm = "sip.claranet.de"
   rlm_realm: Authentication realm is LOCAL.
 modcall[authorize]: module "realmat" returns noop for request 0
   rlm_realm: Request already proxied.  Ignoring.
 modcall[authorize]: module "realmraute" returns noop for request 0
radius_xlat:  '[EMAIL PROTECTED]'
rlm_sql (sql): sql_set_user escaped user --> '[EMAIL PROTECTED]'

radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM 
radcheck           WHERE Username = '[EMAIL PROTECTED]' 
ORDER BY id'

rlm_sql (sql): Reserving sql socket id: 255
rlm_sql (sql): User [EMAIL PROTECTED] not found in radcheck

radius_xlat:  'SELECT 
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op 
FROM radgroupcheck,usergroup WHERE usergroup.Username = 
'[EMAIL PROTECTED]' AND usergroup.GroupName = 
radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat:  'SELECT 
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op 
FROM radgroupreply,usergroup WHERE usergroup.Username = 
'[EMAIL PROTECTED]' AND usergroup.GroupName = 
radgroupreply.GroupName ORDER BY radgroupreply.id'

rlm_sql (sql): User [EMAIL PROTECTED] not found in radgroupcheck
rlm_sql (sql): User not found
rlm_sql (sql): Released sql socket id: 255
 modcall[authorize]: module "sql" returns notfound for request 0
modcall: group authorize returns ok for request 0

auth: No authenticate method (Auth-Type) configuration found for the 
request: Rejecting the user

auth: Failed to validate the user.

Login incorrect: [EMAIL PROTECTED]/<no User-Password 
attribute>] (from client test port 0)

Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...

rad_recv: Access-Request packet from host 172.20.23.232:33353, id=213, 
length=69

       User-Name = "[EMAIL PROTECTED]"
       Service-Type = Call-Check
       NAS-IP-Address = 172.20.23.232
       NAS-Port = 0
 Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
 modcall[authorize]: module "preprocess" returns ok for request 1
radius_xlat:  '/var/log/radacct/172.20.23.232/auth-detail-20051019'

rlm_detail: /var/log/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d 
expands to /var/log/radacct/172.20.23.232/auth-detail-20051019

 modcall[authorize]: module "auth_log" returns ok for request 1
 modcall[authorize]: module "digest" returns noop for request 1

   rlm_realm: No '%' in User-Name = "[EMAIL PROTECTED]", 
looking up realm NULL

   rlm_realm: No such realm "NULL"
 modcall[authorize]: module "realmpercent" returns noop for request 1

   rlm_realm: Looking up realm "sip.claranet.de" for User-Name = 
"[EMAIL PROTECTED]"

   rlm_realm: Found realm "sip.claranet.de"
   rlm_realm: Adding Stripped-User-Name = "+496925738971"

   rlm_realm: Proxying request from user +496925738971 to realm 
sip.claranet.de

   rlm_realm: Adding Realm = "sip.claranet.de"
   rlm_realm: Authentication realm is LOCAL.
 modcall[authorize]: module "realmat" returns noop for request 1
   rlm_realm: Request already proxied.  Ignoring.
 modcall[authorize]: module "realmraute" returns noop for request 1
radius_xlat:  '[EMAIL PROTECTED]'
rlm_sql (sql): sql_set_user escaped user --> '[EMAIL PROTECTED]'

radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM 
radcheck           WHERE Username = '[EMAIL PROTECTED]' 
ORDER BY id'

rlm_sql (sql): Reserving sql socket id: 254
rlm_sql (sql): User [EMAIL PROTECTED] not found in radcheck

radius_xlat:  'SELECT 
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op 
FROM radgroupcheck,usergroup WHERE usergroup.Username = 
'[EMAIL PROTECTED]' AND usergroup.GroupName = 
radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat:  'SELECT 
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op 
FROM radgroupreply,usergroup WHERE usergroup.Username = 
'[EMAIL PROTECTED]' AND usergroup.GroupName = 
radgroupreply.GroupName ORDER BY radgroupreply.id'

rlm_sql (sql): User [EMAIL PROTECTED] not found in radgroupcheck
rlm_sql (sql): User not found
rlm_sql (sql): Released sql socket id: 254
 modcall[authorize]: module "sql" returns notfound for request 1
modcall: group authorize returns ok for request 1

auth: No authenticate method (Auth-Type) configuration found for the 
request: Rejecting the user

auth: Failed to validate the user.

Login incorrect: [EMAIL PROTECTED]/<no User-Password 
attribute>] (from client test port 0)

Delaying request 1 for 1 seconds
Finished request 1
Going to the next request
Waking up in 1 seconds...

rad_recv: Access-Request packet from host 172.20.23.232:33352, id=212, 
length=69

Sending Access-Reject of id 212 to 172.20.23.232:33352
--- Walking the entire request list ---
Waking up in 1 seconds...

rad_recv: Access-Request packet from host 172.20.23.232:33353, id=213, 
length=69

Sending Access-Reject of id 213 to 172.20.23.232:33353
Waking up in 1 seconds...
--- Walking the entire request list ---




Either i have a problem with my authorize section or the username shouldnt 
include an "+" i think.


Anybody with an idea?


kind regards,

-christian


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html





















					Reply via email to