Hi Alan, Ok maybe it wasn't clear enough. We have a web-application running on Apache/tomcat and the client used for authentication is the mod_auth_radius module. We want to test that there are no problems with users having special characters, hence the garbage like username/password. We have a valid unix user éâäåçêëèïîìÄæôòû with password éâäåçêëèïîìÄæôòû in the Ubuntu Dapper Linux system on which the radius server 1.1.0 has been installed. So when I browse to the web-app, I get uid/pwd challenge, and when I provide the éâäåçêëèïîìÄæôòû/éâäåçêëèïîìÄæôòû as the uid/pwd, I see the following on the radius server which is running in debug mode:
rad_recv: Access-Request packet from host 127.0.0.1:33292, id=245, length=98 User-Name = "\303\251\303\242\303\244\303\245\303\247\303\252\303\250\303\257\303\256\303\254\303\204\303\246\303\264\303\262\303\273" User-Password = "\222\023S~\345v\322\250\207\216\261\206\242J\301\301\251\006\233\026N\374\014\213\036c\022'\220\r\370\210" NAS-IP-Address = 255.255.255.255 NAS-Port = 1812 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 1 modcall[authorize]: module "preprocess" returns ok for request 1 modcall[authorize]: module "mschap" returns noop for request 1 rlm_realm: No '@' in User-Name = "[EMAIL PROTECTED]", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 1 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 1 users: Matched entry DEFAULT at line 152 modcall[authorize]: module "files" returns ok for request 1 modcall: leaving group authorize (returns ok) for request 1 rad_check_password: Found Auth-Type System auth: type "System" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 1 rlm_unix: [EMAIL PROTECTED]: invalid password modcall[authenticate]: module "unix" returns reject for request 1 modcall: leaving group authenticate (returns reject) for request 1 auth: Failed to validate the user. WARNING: Unprintable characters in the password. ? Double-check the shared secret on the server and the NAS! Delaying request 1 for 1 seconds Finished request 1 Going to the next request --- Walking the entire request list --- I have another unix user Vinodh/vinodh in the system, so when I try that, I get this: Waking up in 4 seconds... --- Walking the entire request list --- Cleaning up request 7 ID 99 with timestamp 44e57654 Nothing to do. Sleeping until we see a request. rad_recv: Access-Request packet from host 10.0.203.118:1026, id=97, length=72 User-Name = "Vinodh" User-Password = "vinodh" Service-Type = Authenticate-Only NAS-Identifier = "10.0.203.118" NAS-IP-Address = 10.0.203.118 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 8 modcall[authorize]: module "preprocess" returns ok for request 8 modcall[authorize]: module "mschap" returns noop for request 8 rlm_realm: No '@' in User-Name = "Vinodh", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 8 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 8 users: Matched entry DEFAULT at line 152 modcall[authorize]: module "files" returns ok for request 8 modcall: leaving group authorize (returns ok) for request 8 rad_check_password: Found Auth-Type System auth: type "System" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 8 modcall[authenticate]: module "unix" returns ok for request 8 modcall: leaving group authenticate (returns ok) for request 8 Sending Access-Accept of id 97 to 10.0.203.118 port 1026 Finished request 8 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 8 ID 97 with timestamp 44e57662 Nothing to do. Sleeping until we see a request. So the unix authentication works fine for ordinary characters. Is there some configuration issue somewhere? Hope this is more clearer. V~ --- Vinodh Velusamy Software Engineer Ubizen - a Cybertrust company Ubicenter, Philipssite 5, 3001 Leuven, Belgium T: +32 16 28 73 14 F: +32 16 28 71 00 E-mail: [EMAIL PROTECTED] www.ubizen.com - www.cybertrust.com -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Wednesday, August 23, 2006 7:27 PM To: FreeRadius users mailing list Subject: Re: RE: RE: Problem with character Ä in username/password "Velusamy, Vinodh" <[EMAIL PROTECTED]> wrote: > Sorry for troubling you, but could you please help me out with this? > We are using the mod_auth_radius, the RADIUS authentication module for > the Apache webserver version 1.5.2 for apache 1.3 that you have > developed. If you need any other info I will try my best to provide > it. I have no idea what the problem is. I've asked for information, and you haven't provided it. I've asked questions that you haven't answered. If the username is garbage, then the ONLY reason that happens is that's what the user typed in. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html