Re: SQL authentication with Auth-Type

2001-10-17 Thread Fredrik Reite 

At 18:48 2001-10-17 +0200, you wrote:
>Hi all...
>
>has anyone yet managed to set an Auth-Type as a check item
>in a MySQL database? For me no Auth-Type is working. I read
>in some older posting that the 'users' file supports
>an Auth-Type of 'sql'. But whenever I set an Auth-Type in
>the 'radcheck' table used for authentication (e.g. 'Local'
>or 'System') I receive an Access-Reject for no reason.
>
>I can even set Auth-Type to Local and it won't work. Just
>removing the Auth-Type record it works (with the Password
>entry alone). Is the 'users' file my destiny? Is the SQL
>authentication just not powerful enough to even support
>UNIX authentication?
>
>I'm sure there is a very simple solution. ;)

i had to hack src/modules/rlm_sql/rlm_sql.c

in the end i changed to

module_t rlm_sql = {
 "System",

and now it works with 'DEFAULT Auth-Type := System' in the users file.


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

users file for authorization and sql for authentication

2001-08-18 Thread Fredrik Reite 

I'm trying to configure freeradius to check the users file at authorization 
stage

**users file**
DEFAULT Auth-Type := System
 Service-Type = Framed-User,
 Framed-IP-Address = 255.255.255.254


And then lookup the password using the SQL module.

i have this in radiusd.conf
authorize { files }
authenticate { sql }
and the sql database correctly setup

but it doesnt work, this is the result from radiusd -xx

Waking up in 31 seconds...
Thread 1 handling request 0, (1 handled so far)
 User-Name = "freite"
 Password = "c\273\317\316+\245I\000\017\356)\265\323\371C\360"
 NAS-IP-Address = 255.255.255.255
 NAS-Port-Id = "5"
modcall: entering group authorize
 users: Matched DEFAULT at 1
   modcall[authorize]: module "files" returns ok
modcall: group authorize returns ok
   rad_check_password:  Found auth-type System
auth: type "System"
auth: Failed to validate the user.
Sending Access-Reject of id 87 to 127.0.0.1:1446

But when i change name in rlm_sql.c's module_t structure to 'System' 
instead of 'SQL' everything works like i want. Why doesn't freeradius run 
the authentication module if it's not named 'System'?
Putting authenticate {ok} doesn't work either if it's not named 'System' in 
the .c source file.
Group authorize returns ok, but it never even try to run the modules in 
authenticate. Do i miss something here or what?

Running freeradius-0.2


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html