> Hello, > > In FreeRADIUS, authorization is done before authentication. Is that a > proper sequence regarding the standard RADIUS concept? > > For example, when a user mistypes the password, FreeRADIUS still send > out the attributes to RADIUS client. Would that be an issue (ie, > security, loading, ...)?
The only attributes it should send back to the client with a mistyped password is auth-reject. > > Best Regards, > Bush > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
