Re: (RADIATOR) AuthBy SQL question
Hello Froilan - On Sat, 10 Jun 2000, Froilan Mendoza wrote: Hello Hugh, Thanks for responding ... On Sat, 10 Jun 2000, Hugh Irvine wrote: I notice that your Postgress table definitions are in lower case, and your AuthSelect is in upper case. Is this correct? Postgres is not case-sensitive. radiator= select PASSWORD from SUBSCRIBERS where USERNAME = 'mikem'; password fred (1 row) Also, if you want to use the "checkattr" and "replyattr" fields, you will need to modify your AuthSelect statement together with the corresponding AuthColumnDef's. Of course. Only I would like to do the most simple auth method first before complicating things for me :) And does the inbound test packet in fact contain a password of "fred"? Of course. I even tried NULLING the password in the postgres database (as it said in the docs that if the password is NULL, it would accept ANY password), to no avail. You might try something like this: Realm testroy RewriteUsername s/^([^@]+).*/$1/ AuthBy SQL DBSourcedbi:Pg:dbname=radiator DBUsername postgres DBAuth MYPOSTGRESPASSWORD AuthSelect select password from subscribers where \ username='%n' AuthColumnDef 0, User-Password, check AccountingTable accounting AcctColumnDef USERNAME,User-Name AcctColumnDef TIME_STAMP,Timestamp,integer AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer AcctColumnDef ACCTSESSIONID,Acct-Session-Id AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause AcctColumnDef NASIDENTIFIER,NAS-Identifier AcctColumnDef NASIDENTIFIER,NAS-IP-Address AcctColumnDef NASPORT,NAS-Port,integer AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address /AuthyBy /Realm If the field names are indeed case-sensitive, you will have to change the AcctColumnDef's as well. I did, however, still tried your config above, changing the case of the letters. I still get this: Sat Jun 10 10:44:37 2000: DEBUG: Handling request with Handler 'Realm=testroy' Sat Jun 10 10:44:37 2000: DEBUG: Rewrote user name to mikem Sat Jun 10 10:44:37 2000: DEBUG: Deleting session for mikem@testroy, 208.155.152.42, 1025 Sat Jun 10 10:44:37 2000: DEBUG: Handling with Radius::AuthSQL Sat Jun 10 10:44:37 2000: DEBUG: Handling with Radius::AuthSQL Sat Jun 10 10:44:37 2000: DEBUG: Query is: select password from subscribers where username='mikem' Sat Jun 10 10:44:37 2000: DEBUG: Radius::AuthSQL looks for match with mikem Sat Jun 10 10:44:37 2000: DEBUG: Radius::AuthSQL REJECT: Bad Password Sat Jun 10 10:44:37 2000: DEBUG: Query is: select password from subscribers where username='DEFAULT' Sat Jun 10 10:44:37 2000: INFO: Access rejected for mikem: Bad Password Sat Jun 10 10:44:37 2000: DEBUG: Packet dump: *** Sending to 208.155.152.42 port 1645 Additional question -- Why do I get Query is: select password from subscribers where username='DEFAULT'. This might be the cause ... Well, the only other thing I can think of is that you are getting the encrypted password instead of the plaintext password for some reason. You could try: AuthSelect select password from subscribers where \ username='%n' AuthColumnDef 0, Encrypted-Password, check Just to see what happens. Radiator will always look for a DEFAULT user unless you disable that feature. regards Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) AuthBy SQL question
Hello. I am curious with AuthBy SQL and decided to try it out. After a few tries, however, I can't get logged in, using the most basic AuthSelect and the tables/data contained in goodies/postgresCreate.sql. I get this error complaining about incorrect password: Fri Jun 9 20:42:02 2000: DEBUG: Handling request with Handler 'Realm=testroy' Fri Jun 9 20:42:02 2000: DEBUG: Rewrote user name to mikem Fri Jun 9 20:42:02 2000: DEBUG: Deleting session for mikem@testroy, 208.155.152.42, 1025 Fri Jun 9 20:42:02 2000: DEBUG: Handling with Radius::AuthSQL Fri Jun 9 20:42:02 2000: DEBUG: Handling with Radius::AuthSQL Fri Jun 9 20:42:02 2000: DEBUG: Query is: select PASSWORD from SUBSCRIBERS where USERNAME='mikem' Fri Jun 9 20:42:02 2000: DEBUG: Radius::AuthSQL looks for match with mikem Fri Jun 9 20:42:02 2000: DEBUG: Radius::AuthSQL REJECT: Bad Password Fri Jun 9 20:42:02 2000: DEBUG: Query is: select PASSWORD from SUBSCRIBERS where USERNAME='DEFAULT' Here's my AuthBy SQL config: Realm testroy RewriteUsername s/^([^@]+).*/$1/ AuthBy SQL DBSourcedbi:Pg:dbname=radiator DBUsername postgres DBAuth MYPOSTGRESPASSWORD AccountingTable accounting AuthSelect select PASSWORD from SUBSCRIBERS where USERNAME='%n' AuthColumnDef 0, User-Password, check AcctColumnDef USERNAME,User-Name AcctColumnDef TIME_STAMP,Timestamp,integer AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer AcctColumnDef ACCTSESSIONID,Acct-Session-Id AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause AcctColumnDef NASIDENTIFIER,NAS-Identifier AcctColumnDef NASIDENTIFIER,NAS-IP-Address AcctColumnDef NASPORT,NAS-Port,integer AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address /AuthyBy /Realm My subscribers table (from the goodies directory): radiator= select * from subscribers; username|password|encryptedpassword|checkattr |replyattr ++-+--+ mikem |fred|1xMKc0GIVUNbE|Service-Type = Framed-User|Framed-Protocol = PPP,Framed-IP-Netmask = 255.255.255.0,cisco-avpair = "testing testing" (1 row) What am I missing? TIA. Sincerely, Froilan C. Mendoza Manager - Systems Management Tridel Technologies, Inc. http://www.tridel.net === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) AuthBy SQL question
Hello Hugh, Thanks for responding ... On Sat, 10 Jun 2000, Hugh Irvine wrote: I notice that your Postgress table definitions are in lower case, and your AuthSelect is in upper case. Is this correct? Postgres is not case-sensitive. radiator= select PASSWORD from SUBSCRIBERS where USERNAME = 'mikem'; password fred (1 row) Also, if you want to use the "checkattr" and "replyattr" fields, you will need to modify your AuthSelect statement together with the corresponding AuthColumnDef's. Of course. Only I would like to do the most simple auth method first before complicating things for me :) And does the inbound test packet in fact contain a password of "fred"? Of course. I even tried NULLING the password in the postgres database (as it said in the docs that if the password is NULL, it would accept ANY password), to no avail. You might try something like this: Realm testroy RewriteUsername s/^([^@]+).*/$1/ AuthBy SQL DBSourcedbi:Pg:dbname=radiator DBUsername postgres DBAuth MYPOSTGRESPASSWORD AuthSelect select password from subscribers where \ username='%n' AuthColumnDef 0, User-Password, check AccountingTable accounting AcctColumnDef USERNAME,User-Name AcctColumnDef TIME_STAMP,Timestamp,integer AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer AcctColumnDef ACCTSESSIONID,Acct-Session-Id AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause AcctColumnDef NASIDENTIFIER,NAS-Identifier AcctColumnDef NASIDENTIFIER,NAS-IP-Address AcctColumnDef NASPORT,NAS-Port,integer AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address /AuthyBy /Realm If the field names are indeed case-sensitive, you will have to change the AcctColumnDef's as well. I did, however, still tried your config above, changing the case of the letters. I still get this: Sat Jun 10 10:44:37 2000: DEBUG: Handling request with Handler 'Realm=testroy' Sat Jun 10 10:44:37 2000: DEBUG: Rewrote user name to mikem Sat Jun 10 10:44:37 2000: DEBUG: Deleting session for mikem@testroy, 208.155.152.42, 1025 Sat Jun 10 10:44:37 2000: DEBUG: Handling with Radius::AuthSQL Sat Jun 10 10:44:37 2000: DEBUG: Handling with Radius::AuthSQL Sat Jun 10 10:44:37 2000: DEBUG: Query is: select password from subscribers where username='mikem' Sat Jun 10 10:44:37 2000: DEBUG: Radius::AuthSQL looks for match with mikem Sat Jun 10 10:44:37 2000: DEBUG: Radius::AuthSQL REJECT: Bad Password Sat Jun 10 10:44:37 2000: DEBUG: Query is: select password from subscribers where username='DEFAULT' Sat Jun 10 10:44:37 2000: INFO: Access rejected for mikem: Bad Password Sat Jun 10 10:44:37 2000: DEBUG: Packet dump: *** Sending to 208.155.152.42 port 1645 Additional question -- Why do I get Query is: select password from subscribers where username='DEFAULT'. This might be the cause ... Hoping for your continued support ... Thanks. Sincerely, Froilan C. Mendoza Manager - Systems Management Tridel Technologies, Inc. http://www.tridel.net === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
