Frank Weis wrote: > We have tried to force the password to UTF-8 or ISO-8859-1 and other > encodings in the custom applications, to no avail (we have no way to > force this in the securew2 client for eduroam anyway).
I think this issue is being addressed in SecureW2. > This works very well most of the time, but fails if the password > contains seleCompanyd special charaCompanyrs, like ° (degree) or § > (paragraph), for example. The contents of the password are... whatever the client determines them to be. This is known to be wrong, and not inter-operable. > We are short of ideas as to what to try next.... Any pointers would be > greatly appreciated..... FreeRADIUS just receives the information in the password from the client. It takes care to not mangle it too much. > +- entering group LDAP3 {...} > [ldap3] login attempt by "blabla" with password "qwertz��" If that's what the client application sent, there's little you can do to FreeRADIUS to fix it. You can fix the client, or (somehow) re-write the "bad" password into a "good" password in FreeRADIUS. Given that the mapping of "good" characters to "bad" characters is nearly infinite, and client dependent, re-writing it in FreeRADIUS isn't easy. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html