Add files to authorize and put DEFAULT Auth-Type := Exec in it. Ivan Kalik Kalik Informatika ISP
Dana 13/4/2008, "T Kid82" <[EMAIL PROTECTED]> piše: >Hi everyone, > >I am trying to accomplish a very simple task using RADIUS as an >authentication proxy. >All I need it to do is use the username/password combo sent in, run a >perl script to validate those credentials and return a pass or fail. >I have my perl script setup to return all the right codes as the >radiusd.conf specifies. ( < 0 : fail, 0 : ok , etc...) > >I have added the following changes to the radiusd.conf file, >everything else is as it is out of the box. > > authorize { > preprocess > exec > } > > authenticate { > Auth-Type Exec { > exec > } > } > >In the modules section I added my program name / perl script (the >location is just a temp thing to get this going): > >exec { > program = "/usr/bin/authenticate.pl" > wait = yes > input_pairs = request > output_pairs = reply > > } > >When i run radtest, this is what I see in the logs > >User-Name = "tkid" > User-Password = "hlsearch" > NAS-IP-Address = 127.0.0.1 > NAS-Port = 1645 >+- entering group authorize >++[preprocess] returns ok >Exec-Program output: Error: Password check passed >Exec-Program: returned: 0 >++[exec] returns ok >auth: No authenticate method (Auth-Type) configuration found for the >request: Rejecting the user >auth: Failed to validate the user. >Login incorrect: [tkid/hlsearch] (from client localhost port 1645) > Found Post-Auth-Type Reject >+- entering group REJECT > expand: %{User-Name} -> tkid >attr_filter: Matched entry DEFAULT at line 11 >++[attr_filter.access_reject] returns updated >Finished request 0. >Going to the next request >Waking up in 4.9 seconds. >Cleaning up request 0 ID 149 with timestamp +10 >Ready to process requests. > > > >In essence, all I want is authentication and not authorization. How do >I accomplish that here? > >Thanks for your help in advance. >Thanks, >-- Tauseef >- >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html