Re: (RADIATOR) AuthBy SQL problem

2003-10-15 Thread Hugh Irvine
Hello Adam -

All you really need to do is use a RewriteUsername and a 
CaseInsensitivePasswords with a single AuthBy SQL.

regards

Hugh

On Thursday, Oct 16, 2003, at 00:27 Australia/Melbourne, Adam 
Pogorzelski wrote:

Hello,
I have such a problem. I have users in mysql database, and few so called
multilogin users. These multilogins have simple passwords created by
username, for example ppp/ppp. Problem is, that I need to authenticate
these combinations as the same user:
ppp/ppp, PPP/PPP, ppp/PPP, PPP/ppp.
For now I am including to one Handler two authby's config files,
one with normal AuthSelect, and second with AuthSelect 'select
ucase(PASSWORD)'.
Because I have many Handlers, and for each Handler is two configs, I want
to minimize all configuration.
So my question is: is it possible to put in AuthBy clause two AuthSelect's?
Similar to AuthByPolicy?

Btw, for each failed Radius::AuthSQL I have one insert to database with
info about it, and if I have four login/pass combinations, I can have three
inserts to database with fail info.

ps. I may be wrong, but isn't Radiator sql injection aware?
Sat Oct 11 06:51:57 2003: ERR: do failed for 'insert into radauthlog
values (1065847917,'~}#','[EMAIL PROTECTED]'} }4',1,'No such
user','DNIS','CLID')': You have an error in your SQL syntax near '}
}4',1,'No such user','DNIS','CLID')' at line 1
S
--
"For proper viewing, take red pill now"
   Futurama
AdamP.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.


Re: (RADIATOR) AuthBy SQL problem

2003-10-15 Thread Robert Blayzor
On 10/15/03 10:27 AM, "Adam Pogorzelski" <[EMAIL PROTECTED]> wrote:

> I have such a problem. I have users in mysql database, and few so called
> multilogin users. These multilogins have simple passwords created by
> username, for example ppp/ppp. Problem is, that I need to authenticate
> these combinations as the same user:
> ppp/ppp, PPP/PPP, ppp/PPP, PPP/ppp.
> For now I am including to one Handler two authby's config files,
> one with normal AuthSelect, and second with AuthSelect 'select
> ucase(PASSWORD)'.

Seems like it's more work than it's worth.  You have some options...

Add the directive in Radiator to ignore the case of passwords.  So that
"PaSSwoRD" would match "PASSWORD".  You can also rewrite the username with a
regex to force the username to lowercase before handling it in an authby.

> Because I have many Handlers, and for each Handler is two configs, I want
> to minimize all configuration.
> So my question is: is it possible to put in AuthBy clause two AuthSelect's?
> Similar to AuthByPolicy?

For what reason if you just "IgnoreCase" on the password... ?

> ps. I may be wrong, but isn't Radiator sql injection aware?
> Sat Oct 11 06:51:57 2003: ERR: do failed for 'insert into radauthlog
> values (1065847917,'~}#','[EMAIL PROTECTED]'} }4',1,'No such
> user','DNIS','CLID')': You have an error in your SQL syntax near '}
> }4',1,'No such user','DNIS','CLID')' at line 1
> S

Tell Radiator what characters are valid in Usernames and you won't see
this...

ie:  UsernameCharset [EMAIL PROTECTED]

Or you could do something like:

RewriteUsername s/[EMAIL PROTECTED]/\?/g

Which strips out any bogus characters we don't expect and replaces them with
a "?", which should be SQL friendly...

--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
PGP: http://www.inoc.net/~dev/
Key fingerprint = A445 7D1E 3D4F A4EF 6875  21BB 1BAA 10FE 5748 CFE9

Mac OS X. Because making Unix user-friendly is easier than debugging
Windows.
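
Added example, not part of the original posts and not Radiator's own code: the failing radauthlog insert from the log above, reproduced in Python with SQLite standing in for MySQL, next to the character filter Robert describes and a bound-parameter insert. The table layout, the allow-list and the sample username are constructed assumptions; the charset from the post was lost in the archive and is not reproduced.

```python
import re
import sqlite3

# Assumed allow-list, for illustration only.
NOT_ALLOWED = re.compile(r"[^A-Za-z0-9._@-]")

def sanitize_username(name):
    """Replace every character outside the allow-list with '?'."""
    return NOT_ALLOWED.sub("?", name)

def open_db():
    # Constructed, simplified stand-in for the radauthlog table.
    db = sqlite3.connect(":memory:")
    db.execute("create table radauthlog "
               "(time_stamp integer, username text, result integer, reason text)")
    return db

def log_interpolated(db, ts, username, reason):
    """Build the statement by string substitution, as in the failing log line."""
    sql = f"insert into radauthlog values ({ts},'{username}',1,'{reason}')"
    try:
        db.execute(sql)
        return True
    except sqlite3.Error:
        return False  # a quote in the username broke the statement

def log_bound(db, ts, username, reason):
    """Pass values as bound parameters; no field can alter the statement."""
    db.execute("insert into radauthlog values (?,?,?,?)",
               (ts, username, 1, reason))
    return True

def demo():
    db = open_db()
    noisy = "~}#'} }4"  # constructed line-noise username containing a quote
    ts, reason = 1065847917, "No such user"
    results = {
        "raw_interpolated": log_interpolated(db, ts, noisy, reason),
        "filtered_interpolated": log_interpolated(
            db, ts, sanitize_username(noisy), reason),
        "raw_bound": log_bound(db, ts, noisy, reason),
    }
    results["stored"] = [row[0] for row in db.execute(
        "select username from radauthlog order by rowid")]
    return results

if __name__ == "__main__":
    print(demo())
```

The filter only protects the username field and rewrites what ends up in the log, while the bound insert stores the value unchanged and covers every field in the statement.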




Re: (RADIATOR) AuthBy SQL problem

2002-01-07 Thread Hugh Irvine


Hello Sam -

Just specify a suitable AuthSelect:

AuthSelect select PASSWORD where USERNAME = '%n' and STATUS = 'T'
AuthColumnDef 0, User-Password, check

regards

Hugh


On Tue, 8 Jan 2002 12:09, Sam Cheung wrote:
> Hi genius,
>
> I am using  to authenticate users. However, I would like to
> verify the user's username, password and status=T. So, how can I
> rewrite the statement in sq.cfg to make it work?
> Thanks so much for paying attention.
>
> ---
> Regards,
>
> Sam Cheung
> E-mail: [EMAIL PROTECTED]

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.