Hello mailing list. What I'm actually trying to accomplish is this:
I already have a modified version of an OpenID server, that doesn't require any user/password. The whole authentication is based on EAP-TLS between the browser and the Apache server, using the certificate email to identify the current user. (I control the whole CA chain, so I can trust the certificate embedded emails). I'd like to make FreeRADIUS "forward" the user certificate (client side, WPA2-Enterprise scheme certificate, I mean) to my OpenID (Apache server with EAP-TLS) and, if the connection is correctly established, authenticate the user and move him to the correct VLAN. This way, I could have an integrated network and services (single sign-on) authentication process, "completely" transparent to the end-user (except for the network So, if there was any already available module that could, for example, authenticate the RADIUS user using a "foreign" webservice or something like that, I think I could modify/adapt it to my EAP-TLS scenario. Any suggestions? Thanks in advance and congratulations for the nice community, -- Thiago Lima
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
