Hello Colin -
On Thu, 27 Apr 2000, colinc wrote:
> Hi
>
> Just wondering if it's possible to check both the password and encrypted
> password column particularly if one column is empty or null.
>
> for example, the default would be to check the encrypted password column
> for authentication, however, if there is no encrypted password present
> we want radiator to check the password column. Or vice versa. We have it
> looking at the encrypted password at the moment.
>
As you are using an SQL database, you could use two AuthBy SQL clauses with
different AuthSelect statements and cascade them with an AuthByPolicy.
Something like this:
#define this AuthBy to check the clear text password
<AuthBy SQL>
Identifier CheckClearTextPassword
DBSource ....
DBUsername ....
DBAuth ....
AuthSelect .....
.....
</AuthBy>
# define this AuthBy to check the encrypted password
<AuthBy SQL>
Identifier CheckEncryptedPassword
DBSource ....
DBUsername ....
DBAuth ....
AuthSelect ....
.....
</AuthBy>
# define an AuthBy GROUP to do both checks
<AuthBy GROUP>
Identifer CheckPassword
AuthByPolicy ContinueUntilAccept
AuthBy CheckClearTextPassword
AuthBy CheckEncryptedPassword
</AuthBy>
# the Handler(s) or Realm(s) would contain this
<Handler ....>
....
AuthBy CheckPassword
....
</Handler>
Note that the same technique can be used in many other cases to simplify
configuration files enormously.
hth
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
