----- Mensagem original ----
Para: FreeRadius users mailing list <freeradius-users@lists.freeradius.org>
Enviadas: Sexta-feira, 23 de Março de 2007 3:54:41
Assunto: Re: Res: Res: EAP-TTLS + Post-auth clear password

Erico Augusto wrote:
>  All I can say is "huh"?  You want to use a custom app, and you
>solution is to write a shell script that does... nothing?
sure not!

>  Perhaps you could explain how the custom app *currently* interacts
> with FreeRADIUS.  From the examples you've posted, it doesn't.
it's called learning ...

> My suggestion was to write a program that would send the username &&
> password to the custom app.  See the documentation for how to see the
>username && password in a shell script run by rlm_exec.
that's what I'm looking for ... constructive suggestions ...

>  What makes you think that the shell script changes the password?
>Nothing in the documentation or examples would lead you to believe that
>simple echoing a number would have the magic side-effect of changing the
just learning how the tool works...

>  The configurations you've shown don't match the documentation.  i.e.
>You think they do one thing, but the documentation says they do
>something else.
The interaction with JRadius now works ... it wasn't an issue with freeradius 
... JRadius API was outputing 
[Encrypted String] to the password ... in truth, it's just in ASCII ... a 
simple casting fix everything.

So, to get cleartext password with WinXP SecureW2(EAP-TTLS) Supplicant 
configured to  PAP at Authentication Tab, using JRadius API, just gather 
password bytes as following:
byte [] passByte = requestPacket.getAttributes().get(Attr_UserPassword.NAME). 
where  requestPacket is a RadiusPacket object.


  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Fale com seus amigos  de graça com o novo Yahoo! Messenger 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to