Am 04.08.2012 03:15, schrieb Alan DeKok:
Klaus Klein wrote:
Which uses certificates for authentication.
Correct.
Thanks for the vote of confidence.
You're welcome. :)
The point of my comment was that it DOESN"T use names&& passwords for
authentication.
I did understand this part.
Nevertheless, if I follow the documentation provided with freeradius (e.g.
aaa.rst.gz) then authorization comes before authentication.
Also
... an authorization module searches a database ... (/etc/freeradius/users ?)
--- if none of database records for this User-Name matches ... authorization
will fail.
Therefore I'm a bit puzzled that if no matching entry in users is found that
the authentication still takes place.
I think in that case the behavior contradicts the 'Request Processing'
described in aaa.rst.gz
Klaus
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
