On 16/03/2005 22:18, Sergey Poznyakoff wrote:
Ryan O'Connell <[EMAIL PROTECTED]> wrote:
I'm trying to set up a RADIUS server to always authenticate users
sucessfully, but return additional information (Static IP address)
from an SQL database for those that get the correct username and
I'd suggest to use some extension mechanism to achieve this. For example:
DEFAULT Auth-Type = Accept Service-Type = Framed-User, Exec-Program-Wait = "/path/auth %C{User-Name} %C{User-Password}"
The program /path/auth is supposed to check the supplied user
credentials and supply any additional attributes if these are
correct. In the siplest case it can easily be written in shell.
Hi,
I tried that but unfortuntely I can't find a way of passing CHAP-Password information in a useful format for an external program to parse on the command-line.
For the moment, I'm just using a perl script to output the SQL database to a users file, with a DEFAULT Auth-Type=Accept too. The only drawback of this is that if a username is supplied that doesn't match the password, the login is rejected.
I did look at trying to write a patch to allow Fall-Through for failed authenticaiton rather than rejecting the login but that appears to be non-trivial.
_______________________________________________
Help-gnu-radius mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/help-gnu-radius
