Hi,
I'm trying to get Radius working and thought I'd try first with basic flat
file.
I have added a username and password to the /etc/raddb/users file.
When the client sees the registraion page I choose radius as authentication
method enter the isername and password I previously added to the flat file.
When I submit the form the webpage errors with:
Can't call method "check_pwd" on an undefined value at /usr/local/pf/conf/
authentication.radius.pm line 79.
When I edited this file originally I was a little confused by the admin
guide instructions which ask you to make the neccessary changes to the
following parameters:
my $RadiusServer = 'localhost';
my $RadiusSecret = 'testing123';
but I don't see these params in the file. So I just added them myself. I
wonder if this is causing the problem?
here is my radius.pm. Could you please see if you can spot errors?
Thanks
--------------------------
package authentication::radius;
=head1 NAME
authentication::radius - radius authentication
=head1 DESCRIPTION
authentication::radius allows to validate a username/password combination
using RADIUS
=cut
use strict;
use warnings;
use Authen::Radius;
use Log::Log4perl;
my $RadiusServer = '192.168.1.10';
my $RadiusSecret = 'testing123';
use base ('pf::web::auth');
use pf::config qw($TRUE $FALSE);
our $VERSION = 1.20;
=head1 CONFIGURATION AND ENVIRONMENT
Define the C<radiusServers> variable at the top of the module.
=over
=item Servers are always validated from top to bottom.
=item Multiple servers are useful for fault tolerance not to try users on
different RADIUS
=back
=cut
# uncomment the second line to add another server to the list to check
# you can add more lines also
my $radiusServers = [
{ 'host' => 'server1:1819', secret => 'secret' },
# { 'host' => 'server2:1819', secret => 'secret2' },
];
=head2 Optional
=over
=item name
Name displayed on the captive portal dropdown
=cut
our $name = "RADIUS";
=back
=head1 OBJECT METHODS
=over
=item * authenticate ($login, $password)
True if successful, false otherwise.
If unsuccessful errors meant for users are available in getLastError().
Errors meant for administrators are logged in F<logs/packetfence.log>.
=cut
sub authenticate {
my ($this, $username, $password) = @_;
my $logger = Log::Log4perl::get_logger(__PACKAGE__);
foreach my $server (@$radiusServers) {
my $radcheck = new Authen::Radius(
Host => $server->{'host'},
Secret => $server->{'secret'},
);
my $response = $radcheck->check_pwd($username, $password);
if (Authen::Radius::get_error() eq 'ENONE') {
if ($response) {
return $TRUE;
} else {
$this->_setLastError('Invalid login or password');
return $FALSE;
}
}
}
$logger->error("Unable to perform RADIUS authentication on any server:
" . Authen::Radius::get_error() );
$this->_setLastError('Unable to authenticate successfully');
return $FALSE;
}
=item * isAllowedToSponsorGuests
Is the given email allowed to sponsor guest access?
Can't perform user validation with Authen::Radius in a standard way.
Override with what you deem necessary.
=cut
sub isAllowedToSponsorGuests {
my ($this, $sponsor_email) = @_;
my $logger = Log::Log4perl::get_logger(__PACKAGE__);
$logger->error(q{Unimplemented! RADIUS module doesn't support checking
for a user's existence});
return $FALSE;
}
=back
=head1 AUTHOR
Olivier Bilodeau <[email protected]>
Maikel van der roest <[email protected]>
=head1 COPYRIGHT
Copyright (C) 2011, 2012 Inverse inc.
Copyright (C) 2008 Utelisys Communications B.V.
=head1 LICENSE
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
USA.
=cut
1;
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
