PostreSQL Authentication

Dennis S. Davidoff Tue, 25 Mar 2003 01:08:43 -0800

Hi all.
I have a problem with postgresql authentication.
Cuts from configs and log files:


radiusd.conf
============
In 'modules' section:
        mschap {
                authtype = MS-CHAP
                use_mppe = yes
        }

In 'authorize':
        mschap
        sql

PostgreSQL
==========

radius=> select * from radcheck ;
 id | username | attribute |  value  | op
----+----------+-----------+---------+----
  1 | den      | Password  | fuflo   | ==
  2 | steve    | Password  | testing | ==

radius=> select * from radgroupcheck ;
 id | groupname | attribute | value | op
----+-----------+-----------+-------+----
  1 | static    | Auth-Type | Local | :=
 
radius=> select * from radgroupreply;
 id | groupname |     attribute      |        value        | op
----+-----------+--------------------+---------------------+----
  1 | static    | Framed-Protocol    | PPP                 | :=
  2 | static    | Service-Type       | Framed-User         | :=
  3 | static    | Framed-Compression | Van-Jacobsen-TCP-IP | :=
  4 | static    | Framed-IP-Netmask  | 255.255.255.252     | :=
  5 | static    | Framed-MTU         | 1500                | :=

radius=> select * from radreply;
 id | username |     attribute     |   value   | op
----+----------+-------------------+-----------+----
  1 | den      | Framed-IP-Address | 10.0.0.2+ | :=
  2 | steve    | Framed-IP-Address | 10.0.0.2+ | :=

radius=> select * from usergroup;
 id | username | groupname
----+----------+-----------
  1 | den      | static
  2 | steve    | static

Cuts from debug (-xxy):

rad_recv: Access-Request packet from host 192.168.0.11:1540, id=98,
length=147
Thread 1 assigned request 0
--- Walking the entire request list ---
Threads: total/active/spare threads = 5/1/4
Nothing to do.  Sleeping until we see a request.
Thread 1 handling request 0, (1 handled so far)
        NAS-Identifier = "localhost"
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Calling-Station-Id = "127.0.0.1"
        User-Name = "steve"
        MS-CHAP-Challenge = 0x42af3afa20ea9629
        MS-CHAP-Response = 
0x01010000000000000000000000000000000000000000000000009a804422b871ef01193f0a48c0845aa24c7c27aa8c318841
        Service-Type = Framed-User
        Framed-Protocol = PPP
modcall: entering group authorize
 modcall[authorize]: module "mschap" returns notfound
radius_xlat:  'steve'
sql_set_user:  escaped user --> 'steve'
radius_xlat:  'SELECT id,UserName,Attribute,Value FROM radcheck WHERE Username = 
'steve' ORDER BY id'
rlm_sql: Reserving sql socket id: 4
query: SELECT id,UserName,Attribute,Value FROM radcheck WHERE Username = 'steve' ORDER 
BY id
rlm_postgresql Status: PGRES_TUPLES_OK
sql_postgresql: affected rows = 
radius_xlat:  'SELECT 
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value 
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'steve' AND 
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
query: SELECT 
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value 
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'steve' AND 
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id
rlm_postgresql Status: PGRES_TUPLES_OK
sql_postgresql: affected rows = 
radius_xlat:  'SELECT id,UserName,Attribute,Value FROM radreply WHERE Username = 
'steve' ORDER BY id' 
query: SELECT id,UserName,Attribute,Value FROM radreply WHERE Username = 'steve' ORDER 
BY id
rlm_postgresql Status: PGRES_TUPLES_OK
sql_postgresql: affected rows = 
radius_xlat:  'SELECT 
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value 
FROM radgroupreply,usergroup WHERE usergroup.Username = 'steve' AND 
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
query: SELECT 
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value 
FROM radgroupreply,usergroup WHERE usergroup.Username = 'steve' AND 
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_postgresql Status: PGRES_TUPLES_OK
sql_postgresql: affected rows = 
rlm_sql: Pairs do not match [steve]
rlm_sql: Released sql socket id: 4
  modcall[authorize]: module "sql" returns notfound
modcall: group authorize returns notfound
auth: No authenticate method (Auth-Type) configuration found for the request: 
Rejecting the user
auth: Failed to validate the user.
Login incorrect: [steve/<no     User-Password attribute>] (from client private port 0 
cli 127.0.0.1)
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
Thread 1 waiting to be assigned a request
rad_recv: Access-Request packet from host 192.168.0.11:1540, id=98, length=147
Sending Access-Reject of id 98 to 192.168.0.11:1540
                MS-CHAP-Error = "\001E=691 R=1"
--- Walking the entire request list ---
Threads: total/active/spare
threads = 5/0/5
Waking up in 3 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 98     with timestamp 3e801223
Nothing to do.  Sleeping until we see a request.

Thanks for advices.

-- 
Sincerely,
Dennis

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

PostreSQL Authentication

Reply via email to