Re: Problems with MySQL Auth-Type

Wed, 29 May 2002 12:27:06 -0700 

>
> > We're trying to set up a web front, where all of this stuff can be
> > changed without having to know any linux commands or mysql commands. I
> > have the web front basically done, but tying it into FreeRadius would be
> > nearly impossible from what I'm understanding. That means the password
> > needs to also be stored in one of the configuration files correct? Such
> > as clients.conf? Or is PAP just used to verify the password stored in the
> > SQL database?
>
> Nono, you can store the password in the (per default) radcheck table in
> the sql database. PAP (for example) is, like you said, only used to
> verify the password returned from the sql module. PAP can check
> cleartext, crypt and md5 passwords at the moment.
> clients.conf is used for the secrets etc. for communicating with other
> 'clients', NAS'es etc, and has nothing to do with the actual user
> authentication, i think you meant the 'users' file above.
>
> You can also set the Auth-Type attribute in the radgroupcheck table if
> you want to avoid the users file alltogether.
>
> Ie. you never need to touch anything other then the sql database with
> your web frontend.

I'm in the process of setting up something very similar (wanting to use the 
database only). What you said above has me somewhat confused now. 

If I set Auth-Type := PAP in my radgroupcheck table, I also need to set

authenticate{
        authtype PAP {
               pap
       }
}

Is there anything else I need to do as far as authentication goes? Do I still 
need to use the files module like radius.conf says:

"# Uncomment the following if you want to support PAP and you extract user
# passwords from the user database (LDAP,SQL etc). You should use the files
# module to set Auth-Type to PAP for this to work."

because the files module looks for 'users' and 'acct_users'.

Also, if PAP can do cleartext, crypt and md5 passwords, why would anyone need 
to use Auth-Type := Local while using a sql database to store user names and 
pwds?

Have a great day!
Nick

-- 
Nick Davis 
Associate Systems Administrator 
[EMAIL PROTECTED] 
Internet Exposure, Inc. 
http://www.iexposure.com  

(612)676-1946 
Web Development-Web Marketing-ISP Services

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to