Re: Token Authorization
Dnia 2008-07-23, śro o godzinie 21:06 +0200, Alan DeKok pisze: > krzychk2 wrote: > > I'd like to do a solution like token authentication. > > Token authentication is usually done as part of an existing > authentication protocol. > > Which authentication protocol do you plan on using? > Alan DeKok. > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Well I'm in that happy situation that I'm at the beginning of the project and I can choose auth protocol. The only condition is that this has to be done by RADIUS server. So more protocols than better for me. So far I have done simple Active Directory User authorization threw kerberos (radius connects to AD threw kerberos and authorize users), now only tokens. AD LDAP also has no secrets for me so I can get the necessary informations for building tokens. -- Greetings Krzysztof Kardas - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Token Authorization
Dnia 2008-07-23, śro o godzinie 16:28 +0100, Ivan Kalik pisze: > >Firts step. > >User is authorized by user/password. > > > That would be radius. > > >Secound step: > >For the authentication from LDAP is taken further informations (like UID, > >date of birth) and user is asked about it. > > > > That would be web or some other application that you will need to write. > You sould probably use a captive portal and expand login page with this > functionality. > > Ivan Kalik > Kalik Informatika ISP > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Well, not quite becouse I'd like to authorize threw radius many other applications that require authentication. For example VPN and dialin for admins. Besides mod_auth_radius works with CHALLENGE są there is no problem to have one good mechanizm for many problems. rlm_otp (as far as I egzam source code) has similar functionality. I'll try to run this module and mabye change some functionality that will it work or maybe wrote some code in perl and rewrite it to C. The main probem for me is the server configuration that server will request for CHALLEGNE. The rest is to develop. -- Greetings Krzysztof Kardas - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Token Authorization
Hi, I'm a new user in freeRADIUS. I'd like to do a solution like token authentication. Firts step. User is authorized by user/password. Secound step: For the authentication from LDAP is taken further informations (like UID, date of birth) and user is asked about it. I think it is something familiar with CHAP Challenge but I don't know how to combine this solutions. Could somebody help me?? Greetings Krzysztof Kardas - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html