Hi,
I am using <AuthBy SQL> with MySQL for authentication and accounting. I
noticed that the authentication by <AuthBy SQL> is case insensitive like
usual Mysql queries. My problem is that the accounting in MySQL tables is
done by distiguishing 2 usernames like "test" and "Test".
I would like to solve that problem by forcing case sensivity in
authentication or by forcing downcase for usernames in accounting. How could
I do one or the other way ?
Thanks in advance. Gildas.
> -----Message d'origine-----
> De : Hugh Irvine [mailto:[EMAIL PROTECTED]]
> Envoy� : samedi 9 septembre 2000 01:40
> � : Gildas PERROT; [EMAIL PROTECTED]
> Objet : Re: (RADIATOR) AuthBy SQL doesn't work ?
>
>
>
> Salut Gildas -
>
> On Sat, 09 Sep 2000, Gildas PERROT wrote:
> > Hi,
> >
> > I have a problem with that authentification.
> >
> > Here is my configuration :
> >
> > Foreground
> > Trace 4
> > AuthPort 1645
> > AcctPort 1646
> > LogDir /var/log/radiator
> > DbDir /usr/local/etc/radiator
> > LogFile %L//%Y%m/radiator-%Y%m%d
> > DictionaryFile %D/dictionary
> > PidFile /tmp/radiator.pid
> >
> > <Client DEFAULT>
> > Secret fxwap
> > FramedGroupBaseAddress 10.69.1.30
> > </Client>
> >
> > <Handler Called-Station-Id = 6642>
> > AcctLogFileName %L/%Y%m/6642account-%Y%m%d
> > <AuthBy SQL>
> > DBSource dbi:mysql:radius
> > DBUsername *****
> > DBAuth ******
> > </AuthBy>
> > </Handler>
> >
> > and the log file says :
> >
> > Fri Sep 8 16:05:17 2000: DEBUG: Packet dump:
> > *** Received from 10.69.1.1 port 1645 ....
> >
> > Code: Access-Request
> > Identifier: 164
> > Authentic: <155>1<29><187>I<135><252><7><192>F<129><134>]<159><16>I
> > Attributes:
> > NAS-IP-Address = 10.69.1.1
> > NAS-Port = 43
> > NAS-Port-Type = Async
> > User-Name = "fluxus"
> > Called-Station-Id = "6642"
> > Calling-Station-Id = "672085196"
> > CHAP-Password =
> > "<3><189><1><235>Vm#<238>J<204><242><180>@<0><=<203>"
> > Service-Type = Framed-User
> > Framed-Protocol = PPP
> >
> > Fri Sep 8 16:05:17 2000: DEBUG: Check if Handler
> Called-Station-Id = 6642
> > should be used to handle this request
> > Fri Sep 8 16:05:17 2000: DEBUG: Handling request with Handler
> > 'Called-Station-Id = 6642'
> > Fri Sep 8 16:05:17 2000: DEBUG: Deleting session for fluxus,
> 10.69.1.1, 43
> > Fri Sep 8 16:05:17 2000: DEBUG: Handling with Radius::AuthSQL
> > Fri Sep 8 16:05:17 2000: DEBUG: Handling with Radius::AuthSQL
> > Fri Sep 8 16:05:17 2000: DEBUG: Query is: select PASSWORD from
> SUBSCRIBERS
> > where USERNAME='fluxus'
> >
> > Fri Sep 8 16:05:17 2000: DEBUG: Radius::AuthSQL looks for
> match with fluxus
> > Fri Sep 8 16:05:17 2000: DEBUG: Radius::AuthSQL ACCEPT:
> > Fri Sep 8 16:05:17 2000: DEBUG: Access accepted for fluxus
> > Fri Sep 8 16:05:17 2000: DEBUG: Packet dump:
> > *** Sending to 10.69.1.1 port 1645 ....
> > Code: Access-Accept
> > Identifier: 164
> > Authentic: <155>1<29><187>I<135><252><7><192>F<129><134>]<159><16>I
> > Attributes:
> >
> > In the mySQL SUBSCRIBERS, I have :
> >
> > mysql> select * from SUBSCRIBERS
> > -> ;
> >
> +----------+----------+-------------------+-----------------------
-----+----
> >
> ------------------------------------------------------------------
> ----------
> > ----------+
> > | USERNAME | PASSWORD | ENCRYPTEDPASSWORD | CHECKATTR |
> > REPLYATTR
> > |
> >
> +----------+----------+-------------------+-----------------------
-----+----
> >
> ------------------------------------------------------------------
> ----------
> > ----------+
> > | mikem | fred | 1xMKc0GIVUNbE | Service-Type = Framed-User |
> > Framed-Protocol = PPP,Framed-IP-Netmask = 255.255.255.0,cisco-avpair =
> > "testing testing" |
> > | fluxus | fred | 1xMKc0GIVUNbE | Service-Type = Framed-User |
> > Framed-Protocol = PPP,Framed-IP-Netmask = 255.255.255.0,Framed-Group=0
> > |
> >
> +----------+----------+-------------------+-----------------------
-----+----
> >
> ------------------------------------------------------------------
> ----------
> > ----------+
> >
> > The Reply attibutes should be OK since that worked if defined in a flat
> > file.
> >
> > Any idea about that problem ?
> >
>
> Please have a look at section 6.26 in the reference manual to
> find out about
> all the options available with AuthBy SQL.
>
> In this case, you are seeing the default behaviour, and if you
> want to include
> check item and reply item handling you will have to change the
> AuthSelect and
> AuthColumnDef parameters to suit. You can find the details in Example 2 in
> section 6.26.7 of the Radiator 2.16.3 manual.
>
> Note that you will also have to make some changes for SQL accounting.
>
> > Other questions :
> >
> > - is the accounting table RADUSAGE%Y%m%d created automatically
> ? I want to
> > use daily accounting table since I need to do daily statistics.
> Is it a good
> > idea in terms of SQL database behaviour to have one table per day ?
>
> The SQL tables are not created automatically. And keeping the table sizes
> relatively small is a good idea - you could also consider weekly
> or monthly.
>
> > - how could i get the number of max simultaneous PPP sessions
> per user and
> > for all users with SQL accounting ?
>
> You will need to create SQL queries to post-process your accounting logs.
>
> > - how could i get the number of sessions per user in radacct.cgi ?
>
> You will see the session details, but radaact.cgi is not a reporting tool.
>
> > - how could I export the table of radacct.cgi to CVS table to
> be emailed ?
>
> You will need to create an external SQL report (or use something
> like Crystal
> Reports).
>
> > - I would like to find a simple Web interface to the administration of
> > SUBSCRIBERS table (Freeside administration is too complicate).
> Does anyone
> > know one ?
> >
>
> You could have a look at our RAdmin product for user administration.
>
> http://www.open.com.au/radmin/
>
> regards
>
> Hugh
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
> Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
>
>
>
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
