Hi, all.
I want to set up FreeRADIUS so that it uses the users file and an SQL database for
user authentication.
But I cannot get it set up properly.
Can I set up FreeRADIUS as follows?
1. Checking users file
   If the User-Name is found, check the User-Password.
      If the User-Password is correct, check the Calling-Station-Id.
         If the Calling-Station-Id is correct, the user is authenticated.
         If the Calling-Station-Id is incorrect, reject the user.
      If the User-Password is incorrect, reject the user.
   If the User-Name is not found, go to "Checking SQL (MySQL) database."
2. Checking SQL (MySQL) database.
   If the User-Name is found, check the User-Password.
      If the User-Password is correct, check the Calling-Station-Id.
         If the Calling-Station-Id is correct, the user is authenticated.
         If the Calling-Station-Id is incorrect, reject the user.
      If the User-Password is incorrect, reject the user.
   If the User-Name is not found, reject the user.
My image of the process (figure):
--------------------------------------------------
        Start
          |
     +----+----+
     |         |user found
     |  users  +-------------------+
     |  file   |                   |
     +----+----+                   |
          |user not found          |
          |                        |
          |                        |
     +----+----+                   |
     |         |user found         |
     |   sql   +-------------------+
     | (MySql) |                   |
     +----+----+                   |
          |user not found     +----+----+
          |                   |         |false
        reject                | Password+---------reject
                              |  check  |
                              +----+----+
                                   |ok
                                   |
                              +----+-------+
                              | Calling-   |false
                              | Station-Id +------reject
                              | check      |
                              +----+-------+
                                   |ok
                                   |
                           user authenticated
                                figure 1
--------------------------------------------------
My authorize section in radiusd.conf is below.
--------------------------------------------------
authorize {
    preprocess
    group {
        files {
            ok = return
        }
        sql {
            ok = return
        }
    }
}
My users file
--------------------------------------------------
test    Auth-Type := Local, User-Password == "test", Calling-Station-Id == "0000000000"
        User-Service = Framed-User,
        Framed-Protocol = PPP,
        Framed-IP-Address = 10.0.0.1,
        Framed-IP-Netmask = 255.255.255.255
Results of my tests.
--------------------------------------------------
          |User-Name|User-Password|Calling-Station-Id|
----------+---------+-------------+------------------+
(1)       |    ○    |      ×      |        -         |
----------+---------+-------------+------------------+
(2)       |    ○    |      ○      |        ×         |
----------+---------+-------------+------------------+
○: correct
×: incorrect
Case (1)
  files (rlm_files) returns notfound but reject,
  and the SQL DB has been checked,
  and group returns notfound but reject.
Case (2)
  files (rlm_files) returns notfound but reject,
  and the SQL DB has been checked,
  and group returns notfound but reject.
Sorry for my poor English.
Regards,
--
baffy200y <[EMAIL PROTECTED]>
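
Added example, not part of the original post and not FreeRADIUS code: a small Python model of the flow in figure 1, where a User-Name hit in one store is final and a failed check rejects instead of falling through. The second function models, as an assumption, the behaviour reported in cases (1) and (2), where a check-item mismatch looks like "notfound". The stores, names and passwords are constructed sample data.

```python
import hmac

# Constructed sample stores; "test" mirrors the users file entry in the post,
# the SQL rows (including a stale duplicate of "test") are hypothetical.
USERS_FILE = {"test": {"password": "test", "calling_station_id": "0000000000"}}
SQL_DB = {
    "test": {"password": "old-pass", "calling_station_id": "0000000000"},
    "alice": {"password": "s3cret", "calling_station_id": "1111111111"},
}
STORES = (("files", USERS_FILE), ("sql", SQL_DB))


def lookup(name):
    """Find the entry by User-Name only, users file first, then SQL."""
    for source, store in STORES:
        if name in store:
            return source, store[name]
    return None, None


def authenticate(name, password, calling_station_id):
    """Return (decision, source, reason) following figure 1."""
    source, entry = lookup(name)
    if entry is None:
        return "reject", None, "user not found"
    # A name hit is final: a failed check rejects, it never falls through.
    if not hmac.compare_digest(password.encode(), entry["password"].encode()):
        return "reject", source, "bad password"
    if calling_station_id != entry["calling_station_id"]:
        return "reject", source, "bad Calling-Station-Id"
    return "accept", source, "ok"


def authenticate_all_items(name, password, calling_station_id):
    """Assumed model of the reported behaviour: an entry counts as found only
    if every check item matches, so a mismatch moves on to the next store."""
    consulted = []
    for source, store in STORES:
        consulted.append(source)
        entry = store.get(name)
        if (entry is not None
                and hmac.compare_digest(password.encode(), entry["password"].encode())
                and calling_station_id == entry["calling_station_id"]):
            return "accept", consulted
    return "reject", consulted
```

With the constructed duplicate row, the second model accepts `test` with the SQL password even though the users file entry for `test` did not match, which is the case the flow in figure 1 rules out.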