Hello William -
The default behaviour for Radiator is to look first for the exact username, then DEFAULT, DEFAULT1, DEFAULT2, etc. If you do not want this to occur you should add a NoDefault parameter to your AuthBy SQL clause.
<AuthBy SQL> ...... NoDefault ...... </AuthBy>
See section 6.17.12 in the Radiator 3.7.1 reference manual.
regards
Hugh
On Thursday, Oct 23, 2003, at 03:39 Australia/Melbourne, William C. Mott wrote:
I am having a problem with SQL authentication, the log file shows AuthSQL
trying to authenticate with the username then checks the username DEFAULT,
instead of the actual username. Am I missing something...
-----LOG FILE----- Tue Oct 21 18:29:21 2003: DEBUG: Packet dump:
*** Received from 208.179.155.18 port 1339 ....
Code: Access-Request
Identifier: 1
Authentic: <189><15>A<201><3><173><192><235><187><254><224><187><216>ga<213>
Attributes:
User-Name = "vesta"
NAS-IP-Address = 208.179.155.18
NAS-Identifier = "0"
User-Password = "(a<147><241>1.\<243>2<19><172><207><143><170><4><192>"
NAS-Port = 1
Service-Type = Framed-User
Framed-Protocol = PPP
Tue Oct 21 18:29:21 2003: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Tue Oct 21 18:29:21 2003: DEBUG: Rewrote user name to vesta
Tue Oct 21 18:29:21 2003: DEBUG: Rewrote user name to vesta
Tue Oct 21 18:29:21 2003: DEBUG: Deleting session for vesta, 208.179.155.18,
1
Tue Oct 21 18:29:21 2003: DEBUG: Handling with Radius::AuthSQL
Tue Oct 21 18:29:21 2003: DEBUG: Handling with Radius::AuthSQL:
Tue Oct 21 18:29:22 2003: DEBUG: Query is: 'SELECT RTRIM(PASSWORD), REPLYATTR, MAXTIME, SESSIONS FROM Users WHERE (USERNAME='vesta') AND ((Status = 1) OR (Status = 4))':
Tue Oct 21 18:29:23 2003: DEBUG: Radius::AuthSQL looks for match with vesta
Tue Oct 21 18:29:23 2003: DEBUG: Query is: 'SELECT RTRIM(PASSWORD), REPLYATTR, MAXTIME, SESSIONS FROM Users WHERE (USERNAME='DEFAULT') AND ((Status = 1) OR (Status = 4))':
Tue Oct 21 18:29:23 2003: INFO: Access rejected for vesta: No such user
Tue Oct 21 18:29:23 2003: DEBUG: Packet dump:
*** Sending to 208.179.155.18 port 1339 ....
Code: Access-Reject
Identifier: 1
Authentic: <189><15>A<201><3><173><192><235><187><254><224><187><216>ga<213>
Attributes:
Reply-Message = "Request Denied"
-----END LOG-----
-----CONFIG FILE-----
<Realm DEFAULT>
RewriteUsername s/^(.*)\\(.*)/[EMAIL PROTECTED]/
RewriteUsername s/^([EMAIL PROTECTED]).*/$1/
<AuthBy SQL>
DBSource dbi:ODBC:radiator
DBUsername radiator
DBAuth <hidden>
AuthSelect SELECT RTRIM(PASSWORD), REPLYATTR, MAXTIME, SESSIONS FROM Users
WHERE (USERNAME='%n') AND ((Status = 1) OR (Status = 4))
AuthColumnDef 0, User-Password, check
AuthColumnDef 1, GENERIC, reply
AuthColumnDef 2, Session-Timeout, reply
AuthColumnDef 3, Simultaneous-Use, check
AddToReply Framed-Protocol=1,\
Framed-IP-Netmask=255.255.255.255,\
Framed-MTU=476,\
Framed-Compression=1
HandleAcctStatusTypes Start, Stop
AcctColumnDef USERNAME,User-Name
#AcctColumnDef TIME_STAMP,Timestamp,formatted-date,to_date('%m/%e/%Y %H:%M:%S', 'MM/DD/YYYY HH24:MI:SS')
#AcctColumnDef TIME_STAMP,Timestamp,formatted-date
AcctColumnDef TIME_STAMP,Timestamp,integer
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCT,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCT,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSTIME,Acct-Session-Time,integer
AcctColumnDef ACCTTERMINATECAUSE,Acct_Terminate-Cause
AcctColumnDef NASIDENTIFIER,NAS-Identifier
AcctColumnDef NASPORT,NAS-Port,integer
</AuthBy>
# Log accounting to a detail file. %D is replaced by DbDir above
AcctLogFileName %D/detail
</Realm>
-----END CONFIG-----
=== Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
NB: have you included a copy of your configuration file (no secrets), together with a trace 4 debug showing what is happening?
-- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence.
=== Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.