We have a working FreeRADIUS 1.1.4 running since a lot of months.
Now we have to proxy the requests for a realm (gtenet.it) to a given
RADIUS server, but our server seems to ignore the proxy configuration!
I have set proxy_requests = yes and included the proxy.conf file
(I'm sure of these,
Tomas Hoger wrote:
Hi Federico!
Check default radiusd.conf and search for realm and suffix. It
looks like you're not calling rlm_realm in authorize.
Yes, that was the problem!
I thought that the realms were handled by some kind of internal magic...
Thanks.
On 7/11/07, Federico Giannici
Alan DeKok wrote:
Federico Giannici wrote:
I have just upgraded from 1.1.2. to 1.1.4.
Now I tried to convert my custom authorization module to use the
Cleartext-Password attribute instead of User-Password (my passwords
are in clear-text).
...
But the daemon started to give Login incorrect
SOLVED!
In pairmake() I was using T_OP_CMP_EQ instead of T_OP_EQ (it worked with
User-Password...).
Bye.
Federico Giannici wrote:
Alan DeKok wrote:
Federico Giannici wrote:
I have just upgraded from 1.1.2. to 1.1.4.
Now I tried to convert my custom authorization module to use
Unfortunately it works with PAP only!
With CHAP it gives me rlm_chap: Clear text password not available...
Any suggestion?
Thanks.
Federico Giannici wrote:
SOLVED!
In pairmake() I was using T_OP_CMP_EQ instead of T_OP_EQ (it worked with
User-Password...).
Bye.
Federico
Federico Giannici wrote:
Federico Giannici wrote:
Alan DeKok wrote:
Federico Giannici wrote:
Now we have to check every authentication against TWO different
passwords (it's OK if ONE is matched). Something like setting two
different and alternative User-Password attributes...
Sort
Federico Giannici wrote:
Alan DeKok wrote:
Federico Giannici wrote:
Now we have to check every authentication against TWO different
passwords (it's OK if ONE is matched). Something like setting two
different and alternative User-Password attributes...
Sort of. See doc
We are currently using FreeRADIUS 1.1.2 since a lot of months (with a
custom module to retrieve and record data from/to our database and
perform custom things).
Now we have to check every authentication against TWO different
passwords (it's OK if ONE is matched). Something like setting two
Alan DeKok wrote:
Federico Giannici wrote:
Now we have to check every authentication against TWO different
passwords (it's OK if ONE is matched). Something like setting two
different and alternative User-Password attributes...
Sort of. See doc/configurable_failover.
I read it, but I'm
I have just upgraded from 1.1.2. to 1.1.4.
Now I tried to convert my custom authorization module to use the
Cleartext-Password attribute instead of User-Password (my passwords
are in clear-text).
I simply replaced the following command at the end of the authorization
routine of my module:
every
time and is less complex than a failover implementation, is it bad?).
Well... this is a little more than a bit of a hack.
It will work with clear-text authentication mechanisms only...
Bye.
On 03/02/07, *Federico Giannici* [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED] wrote:
Alan
I have a couple of questions about the FreeRADIUS logging:
1) Looking at the source code, I found that in order to send the logs to
the syslog I have to set logdir = syslog in the config file, but I
have found no way to set the syslog facility from the config file.
Is it possible to set it only
Alan DeKok wrote:
Federico Giannici [EMAIL PROTECTED] wrote:
I have noticed that the lower_pass = after configuration command is
implemented simply executing a second time the entire sequence of
authorization/authentication operations.
Yes. The feature is a hack, and should be removed from
Alan DeKok wrote:
Federico Giannici [EMAIL PROTECTED] wrote:
My first question is: what is the supposed way to add a custom module to
the list of the compiled ones?
The list of modules to compile is in the top-level Make.inc file.
OK, but it seems to be created by the configure script based
Alan DeKok wrote:
Federico Giannici [EMAIL PROTECTED] wrote:
I tried to use --with-rlm_MYMODULENAME in configure, but it has no
effect if my module isn't in stable!
So submit a patch for configure.in.
Unfortunately I don't know almost anything about autoconf.
I hoped someone else would have
I have noticed that the lower_pass = after configuration command is
implemented simply executing a second time the entire sequence of
authorization/authentication operations.
I think this is not a good thing, for a couple of reasons:
1) The operation is logged two times: first the failure and
We need a complex authorization process that take complex decisions
based on various condition and SQL data. So we need to create a custom
module.
We think that we'll start modifying the sql module as a starting point.
My first question is: what is the supposed way to add a custom module to
module and used it as a
skeleton for my new module.
Looking around, I have found the stable file in the src/modules
directory and added the name of my module at the end of the file.
It seems to be sufficient to make my module compiled into the server.
Any other hints?
Thanks.
--- Federico
18 matches
Mail list logo