finally i had some luck i guess, now the radius do authentication, but
jradius simulator say's timedout, could be ACS is not passing the
information to simulator i feel. though i am using ACS proxy distributin
table, still simulator is not getting the response back, any clues will be
greatly appreciated sir/mam.
once after this is up, how do i proceed to forward/receive these info
(username,password, token pass)to be confirmed for the java based
application
i know i am in total confusion mode, but some kind of help will be helpful
for me to look towards right direction..
rlm_jradius: reading attribute: type=1259012097; len=1
rlm_jradius: Released JRadius socket id: 6
++[jradius] returns updated
++[preprocess] returns ok
[chap] Setting 'Auth-Type := CHAP'
++[chap] returns ok
[files] users: Matched entry d...@mydomain.com at line 90
[files] expand: Hello, %{User-Name} -> Hello, d...@mydomain.com
++[files] returns ok
Found Auth-Type = CHAP
+- entering group CHAP {...}
[chap] login attempt by "d...@mydomain.com" with CHAP password
[chap] Using clear text password "hello" for user d...@mydomain.com
authentication.
[chap] chap user d...@mydomain.com authenticated succesfully
++[chap] returns ok
Login OK: [...@mydomain.com/<CHAP-Password>] (from client mydomain port 0)
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 2 to 192.168.0.50 port 2773
Reply-Message = "Hello, d...@mydomain.com"
Proxy-State = 0x434953434f3a30
Finished request 1.
Going to the next request
Waking up in 1.9 seconds.
Cleaning up request 1 ID 2 with timestamp +13
Ready to process requests.
sollunga wrote:
>
> thanks ivan for the quick reply, will get back to you shortly
>
>
>
> sollunga wrote:
>>
>> i am using Cisco ACS for authenticating my vpn users, now i thought of
>> using two factor auth in place against the direct authentication by ACS,
>> on this process one of the googling guided me to try proxying the ACS to
>> Freeradius and call some scripts to talk to the java application. now by
>> making the ACS to do proxying at network configuration, i can see the
>> request is flowing to freeradius from ACS, and the freeradius does
>>
>> ""
>> [chap] rlm_chap: Attribute "User-Name" is required for authentication.
>> ++[chap] returns invalid
>> Failed to authenticate the user.
>> Using Post-Auth-Type Reject
>> +- entering group REJECT {...}
>> [attr_filter.access_reject] expand: %{User-Name} ->
>> ++[attr_filter.access_reject] returns noop
>> Delaying reject of request 27 for 1 seconds
>>
>> ""
>>
>> after a while it says
>>
>> ""
>> [pap] Found existing Auth-Type, not changing it.
>> ++[pap] returns noop
>> Found Auth-Type = CHAP
>> +- entering group CHAP {...}
>> [chap] login attempt by "Doe" with CHAP password
>> [chap] Using clear text password "hello" for user Doe authentication.
>> [chap] chap user Doe authenticated succesfully
>> ++[chap] returns ok
>> +- entering group post-auth {...}
>> ++[exec] returns noop
>> Sending Access-Accept of id 63 to
>>
>> ""
>> i am trying to figure out where could be the issue
>>
>> once after this process, i need to send the same to a java application
>> and get a success status from there and authenticate this user.
>>
>> could it be possible?
>>
>> team i am a newbie here, i am just a sys admin, and now trying extend my
>> knowledge, please help me.
>>
>
>
--
View this message in context:
http://www.nabble.com/Freeradius%2BJava-application-api-call-and-authenticate-tp22449820p22619518.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
