Hi all, Please disregard, I've solved the thing ;-) Silly typo in the return.
Z2L ----- Original Message ----- From: "FreeRadius-ML" <[EMAIL PROTECTED]> To: "freeradius-users" <[email protected]> Sent: Thursday, July 26, 2007 6:41:21 PM (GMT+0200) Asia/Jerusalem Subject: Fwd: final rlm_perl question, hopefully... Hi All, Ok, after reviewing all the information that was received, I've setup my FreeRadius as following: 1. The authorize and authenticate sections are setup to activate digest and perl. 2. My rlm_perl script utilizes the following lines in order to return the unencrypted user password back to FreeRadius for digest authentication: $RAD_CHECK{'Cleartext-Password'} = "xxxxxx"; # Remove this line for production $RAD_CHECK{'User-Password'}="xxxxxx"; # Remove this line for production I just put these inside my script for checking, later on this information will be retrieved from an external source. Now, FreeRadius activates my rlm_perl module, no problem, as I can see the various reply fields being setup, however, I'm still getting the following error: rlm_perl: RAD_REQUEST: Client-IP-Address = 192.168.2.80 rlm_perl: RAD_REQUEST: Digest-Response = 632905a2325f672f049800eda7df9ee4 rlm_perl: RAD_REQUEST: User-Name = [EMAIL PROTECTED] rlm_perl: RAD_REQUEST: Service-Type = IAPP-Register rlm_perl: RAD_REQUEST: NAS-IP-Address = 192.168.2.80 rlm_perl: RAD_REQUEST: NAS-Port = 5060 rlm_perl: RAD_REQUEST: Sip-Uri-User = z2l rlm_perl: RAD_REQUEST: Digest-Attributes = ARRAY(0xbbc93f0) rlm_perl: RAD_REPLY: Reply-Message = User accepted by z2l WSDL rlm_perl: RAD_REPLY: z2l-Duration = 60 rlm_perl: RAD_REPLY: z2l-Status = 2 rlm_perl: RAD_REPLY: z2l-Session = 833abb3d-d047-4d0d-a40e-2e147049f96d rlm_perl: Added pair Reply-Message = User accepted by z2l rlm_perl: Added pair z2l-Duration = 60 rlm_perl: Added pair z2l-Status = 2 rlm_perl: Added pair z2l-Session = 833abb3d-d047-4d0d-a40e-2e147049f96d rlm_perl: Added pair Cleartext-Password = z2l rlm_perl: Added pair User-Password = z2l rlm_perl: Added pair Auth-Type = digest perl_pool total/active/spare [32/0/32] Unreserve perl at address 0xb933260 modcall[authorize]: module "perl" returns ok for request 5 rlm_realm: Looking up realm "192.168.2.80" for User-Name = "[EMAIL PROTECTED]" rlm_realm: No such realm "192.168.2.80" modcall[authorize]: module "suffix" returns noop for request 5 modcall: leaving group authorize (returns ok) for request 5 rad_check_password: Found Auth-Type DIGEST auth: type "digest" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 5 rlm_digest: Configuration item "User-Password" or Digest-HA1 is required for authentication. modcall[authenticate]: module "digest" returns invalid for request 5 modcall: leaving group authenticate (returns invalid) for request 5 auth: Failed to validate the user. Login incorrect: [EMAIL PROTECTED]/<no User-Password attribute>] (from client 192.168.2.80 port 5060) Delaying request 5 for 1 seconds Finished request 5 Going to the next request Waking up in 3 seconds... Now, my configuration is very very simple. In the authorize I have digest and perl enabled, in authenticate I have only digest enabled. If I read the debug correctly, the authorization is going ok: modcall[authorize]: module "perl" returns ok for request 5 rlm_realm: Looking up realm "192.168.2.80" for User-Name = "[EMAIL PROTECTED]" rlm_realm: No such realm "192.168.2.80" modcall[authorize]: module "suffix" returns noop for request 5 modcall: leaving group authorize (returns ok) for request 5 However, the authentication section fails: rad_check_password: Found Auth-Type DIGEST auth: type "digest" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 5 rlm_digest: Configuration item "User-Password" or Digest-HA1 is required for authentication. modcall[authenticate]: module "digest" returns invalid for request 5 modcall: leaving group authenticate (returns invalid) for request 5 auth: Failed to validate the user. Login incorrect: [EMAIL PROTECTED]/<no User-Password attribute>] (from client 192.168.2.80 port 5060) So, I'm either returning something in the wrong way, or I've broken something again. Any pointers on the issue would be highly appreciated. Regards, Z2L - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
