Jason Antman wrote:
> I was wondering if it is possible to have a sql authenticate{} section,
> and if so, how to define the queries?No. > In the wiki, I find "Many people ask if they can "authenticate" users to > their SQL database however the answer is "You are asking the wrong > question." " > > So, my question is: > "When doing PAP (actually EAP-TTLS/PAP, in my case), how do I check a > user's cleartext User-Password against one stored in a MySQL database?" You don't. FreeRADIUS selects the password from the database, and then does authentication itself. Comparing the password manually works *only* for PAP. If you use CHAP, MS-CHAP, etc. it won't work. Let FreeRADIUS do its job. It's an authentication server. Let MySQL do its job. It's a database. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
