Hello,
the algorithm for authentication is www digest (or http digest --
rfc2617). The password has to be stored either plain text or HA1 format
(see the rfc for how to get the HA1). This auth algorithm uses md5 to
compute the response and decide whether auth was successful or not.
Cheers,
Daniel
On 05/30/07 17:15, Jason Ma wrote:
Hi All,
I'm configuring radius support on openser using
radiusclient-ng-0.5.5.1.tar.gz,and the radius server is Lucent AAA
server,everytime openser sent the request to AAA server,the AAA server
could not parse the request,the logs on AAA server is as below.I
noticed that the the server said it was "Unsupported algorithm",and
the algorithm was null,I'm wandering what kind of algorithm does
radiusclient-ng use?MD5 or HA1......... Please help ! Thanks in advance.
~~~~~~~~~~~~~~~~~~~~~~~
2007/05/29 16:51:45.685 <engine.item.setup> Initializing Radius Item:
192.168.1.42:33345->0.0.0.0:1812(77)
0 <engine.item.setup> Using dictionary: draft-sterman-aaa-sip-01
0 <engine.item.setup> Request decode:
User-Name = "[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>"
Digest-Attributes =
User-Name = "21230001"
Digest-Attributes =
Realm = "192.168.1.42 <http://192.168.1.42>"
Digest-Attributes =
Nonce = "465c49b766fa11f4a9db29977bf16857d3372780"
Digest-Attributes =
URI = "sip:192.168.1.42 <http://192.168.1.42>"
Digest-Attributes =
Method = "REGISTER"
Digest-Response = "689a0f89cd73751f61b12d04f585a224"
Service-Type = IAPP-Register
Anonymous = v0-a208-3231323330303031
NAS-Port = 5060
NAS-IP-Address = 192.168.1.42 <http://192.168.1.42>
0 <engine.item.setup > User-Name parsed: Base-User-Name =
"21230001", User-Realm = "192.168.1.42 <http://192.168.1.42>"
0 <engine.item.setup> Item setup complete
0 <engine.worker.1 > <setup> ==> ReadUserFile.auth:readUserFile
0 <plugin.ReadUserFile.auth:readUserFile> searchValue =
'[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>'.
0 <plugin.ReadUserFile.auth:readUserFile > Found entry:
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
0 <plugin.ReadUserFile.auth:readUserFile> Check items for found
entry:
User-Password = <hidden>
Auth-Type = Local
0 <plugin.ReadUserFile.auth:readUserFile> Reply items for found
entry:
0 <plugin.ReadUserFile.auth:readUserFile> SUCCESS -- Read User
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
0 <engine.worker.1> ReadUserFile.auth:readUserFile ==>
AuthHttpDigest.auth:checkDigest by SUCCESS -- Read User
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
0 <plugin.AuthHttpDigest.auth:checkDigest > response =
689a0f89cd73751f61b12d04f585a224
0 <plugin.AuthHttpDigest.auth:checkDigest> realm = 192.168.1.42
<http://192.168.1.42>
0 <plugin.AuthHttpDigest.auth:checkDigest> nonce =
465c49b766fa11f4a9db29977bf16857d3372780
0 <plugin.AuthHttpDigest.auth:checkDigest> method = REGISTER
0 <plugin.AuthHttpDigest.auth:checkDigest> uri =
sip:192.168.1.42 <http://192.168.1.42>
0 <plugin.AuthHttpDigest.auth:checkDigest > qop =
0 <plugin.AuthHttpDigest.auth:checkDigest> algorithm =
0 <plugin.AuthHttpDigest.auth:checkDigest> entityBodyHash =
0 <plugin.AuthHttpDigest.auth:checkDigest> cNonce =
0 <plugin.AuthHttpDigest.auth:checkDigest> nonceCount =
0 <plugin.AuthHttpDigest.auth:checkDigest> username = 21230001
0 <plugin.AuthHttpDigest.auth:checkDigest> ERROR -- Error
generating HTTP digest: java.io.IOException: Unsupported algorithm: :
java.io.IOException: Unsupported algorithm:
1 <engine.worker.1> AuthHttpDigest.auth:checkDigest ==>
End-Of-Methods by ERROR -- Error generating HTTP digest:
java.io.IOException: Unsupported algorithm:
1 <engine.worker.1> [EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]> login discarded due to Error generating
HTTP digest: java.io.IOException: Unsupported algorithm:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
------------------------------------------------------------------------
_______________________________________________
Users mailing list
[email protected]
http://openser.org/cgi-bin/mailman/listinfo/users
_______________________________________________
Users mailing list
[email protected]
http://openser.org/cgi-bin/mailman/listinfo/users
