Most authentication methods don't use the secret as part of the password encoding and use independent information for encoding.

PAP is the only authentication method that depends on the secret.

For example, CHAP uses the password, two random numbers and MD5 to encode the password.

Thibault Le Meur wrote:
Even though the secret is incorrect the authentication can be correct. The server returns an Access-Accept. Why? The server trusts the client (it's in the accepted NAS list) and performs the authentication.


I might have missed something here, sorry in advance ;-)

Since the secret is incorrect, Freeradius won't be able to correctly decrypt
the user-password. So authentication shouldn't be successful? (section 4.1
of http://www.freeradius.org/faq/).

Have you got any pointer to the thread you are talking about (I haven't
found it with a quick googling)?

Thibault


- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
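
The difference discussed in this thread, as an added example that is not part of the original messages and is not FreeRADIUS code: PAP User-Password hiding as specified in RFC 2865 section 5.2 is keyed with the shared secret, while the CHAP response of RFC 1994 is computed from the CHAP identifier, the password and the challenge only. The passwords, secrets, authenticator and challenge values are constructed for the illustration.

```python
import hashlib

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def pap_hide(password: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """NAS side (RFC 2865 5.2): pad with NULs to a multiple of 16 bytes,
    then XOR each block with MD5(secret + previous ciphertext block)."""
    size = max(16, -(-len(password) // 16) * 16)
    padded = password.ljust(size, b"\x00")
    out, prev = b"", authenticator
    for i in range(0, size, 16):
        prev = _xor(padded[i:i + 16], hashlib.md5(secret + prev).digest())
        out += prev
    return out

def pap_recover(hidden: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """Server side: the same keystream, derived from the server's copy of the secret."""
    out, prev = b"", authenticator
    for i in range(0, len(hidden), 16):
        block = hidden[i:i + 16]
        out += _xor(block, hashlib.md5(secret + prev).digest())
        prev = block
    return out.rstrip(b"\x00")

def chap_response(chap_id: int, password: bytes, challenge: bytes) -> bytes:
    """RFC 1994: MD5(identifier + password + challenge); the shared secret is not an input."""
    return hashlib.md5(bytes([chap_id]) + password + challenge).digest()

def demo():
    password = b"correct horse"                      # constructed sample value
    nas_secret, server_secret = b"nas-secret", b"server-secret"  # deliberately mismatched
    authenticator = bytes(range(16))                 # constructed Request Authenticator
    hidden = pap_hide(password, nas_secret, authenticator)
    pap_same_secret = pap_recover(hidden, nas_secret, authenticator) == password
    pap_wrong_secret = pap_recover(hidden, server_secret, authenticator) == password
    # CHAP: the server recomputes the response from its stored cleartext password.
    challenge = bytes(range(16, 32))                 # constructed challenge
    sent = chap_response(1, password, challenge)
    chap_wrong_secret = chap_response(1, password, challenge) == sent
    return pap_same_secret, pap_wrong_secret, chap_wrong_secret

if __name__ == "__main__":
    print(demo())
```
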
