Salut Fred -
On Sat, 04 Dec 1999, Frederic GARGULA wrote:
> hi,
>
> I want to be able to test that a user exists in an MSSQL 7 database, but
> I don't want to check his password.
> In fact that authentication is made by a qmail mail server that wants to
> know if a user exist or not (simply to know if the mailbox exist, to
> deliver an incoming mail)
>
>
> I have wrote an Handler :
>
> <Handler Realm=domain1.com,Service-Type=Without-Password>
> RewriteUsername s/^([^@]+).*/$1/
> <AuthBy SQL>
> DBSource dbi:ODBC:domain1
> DBUsername username
> DBAuth password
> AuthSelect select * from T_LOGIN where LOGIN='%n' and
> LOGINTYPE=0
> AuthColumnDef 0, User-Name, check
> # AuthColumnDef 1, Service-Type, reply
> </AuthBy>
> </Handler>
>
>
>
> when I want to check if my handler works, I use an home-made program to
> simulate an incoming mail :
>
>
> Code: Access-Request
> Identifier: 200
> Authentic: !9<183><30>F<145><241>w<7>_BN4<200><160>Q
> Attributes:
> User-Name = "[EMAIL PROTECTED]"
> Service-Type = Without-Password
> NAS-IP-Address = xxx.xxx.xxx.xxx
> NAS-Port = 0
>
> and Radiator says :
>
> Fri Dec 3 19:03:42 1999: DEBUG: Handling request with Handler
> 'Realm=domain1.
> com,Service-Type=Without-Password'
> Fri Dec 3 19:03:42 1999: DEBUG: Rewrote user name to toto11
> Fri Dec 3 19:03:42 1999: DEBUG: Deleting session for
> [EMAIL PROTECTED], xxx.
> xxx.xxx.xxx, 0
> Fri Dec 3 19:03:42 1999: DEBUG: Handling with Radius::AuthSQL
> Fri Dec 3 19:03:43 1999: DEBUG: Handling with Radius::AuthSQL
> Fri Dec 3 19:03:43 1999: DEBUG: Query is: select * from T_LOGIN where
> LOGIN='to
> to11' and LOGINTYPE=0
>
> Fri Dec 3 19:03:43 1999: ERR: Bad attribute=value pair: toto11
> Fri Dec 3 19:03:43 1999: ERR: Bad attribute=value pair: toto9
> Fri Dec 3 19:03:43 1999: DEBUG: Radius::AuthSQL looks for match with
> toto11
> Fri Dec 3 19:03:43 1999: WARNING: No CHAP-Password or User-Password in
> request:
> does your dictionary have User-Password in it?
> Fri Dec 3 19:03:43 1999: DEBUG: Radius::AuthSQL REJECT: Bad Password
> Fri Dec 3 19:03:43 1999: DEBUG: Query is: select * from T_LOGIN where
> LOGIN='DE
> FAULT' and LOGINTYPE=0
>
> Fri Dec 3 19:03:43 1999: INFO: Access rejected for toto11: Bad Password
> Fri Dec 3 19:03:43 1999: DEBUG: Packet dump:
> *** Sending to xxx.xxx.xxx.xxx port 1993 ....
> Code: Access-Reject
> Identifier: 200
> Authentic: !9<183><30>F<145><241>w<7>_BN4<200><160>Q
> Attributes:
> Reply-Message = "Request Denied"
>
>
> I don't want to check the password, but I want to know if there such a
> user in the database...
>
> Do you have any ideas ?
>
Hmmmm - AuthSQL will always check the password (as will all AuthBy modules).
However you may be able to use an additional feature in this case. If you can
add a NULL field to your database to use as a bogus password field for this
Handler only (be careful with this!!) - you can let AuthSQL use this for its
password check and *anything* will be accepted (if the user exists).
Your AuthSelect would be something like this:
AuthSelect select BOGUS_PASSWORD from T_LOGIN where LOGIN='%n'
AuthColumnDef 0, User-Password, check
Have a look at the code in Radius/AuthSQL.pm to see what I mean.
hth
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
