Re: (RADIATOR) AuthBy SQL problem

2003-10-15 Thread Hugh Irvine 
Hello Adam -

All you really need to do is use a RewriteUsername and a 
CaseInsensitivePasswords with a single AuthBy SQL.

regards

Hugh

On Thursday, Oct 16, 2003, at 00:27 Australia/Melbourne, Adam 
Pogorzelski wrote:

Hello,
I have such a problem. I have users in mysql database, and few so 
called
multilogin users. These multilogins have simple passwords created by
username, for example ppp/ppp. Problem is, that i need to authenticate
these combination as the same user:
ppp/ppp, PPP/PPP, ppp/PPP, PPP/ppp.
For now i am including to one Handler two authby's config files,
one with normal AuthSelect, and second with Authselect 'select
ucase(PASSWORD)'.
Because i have many Handlers, and for each Handler is two configs, i 
want
to minimize all configuration.
So my question is: is it possible to put in AuthBy clause two 
AuthSelect's ?
Similiar to AuthByPolicy ?

Btw, for each failed Radius::AuthSQL i have one insert to database with
info about it, and if i have four login/pass combination, i can have 
three
inserts to database with fail info.

ps. I may be wrong, but does Radiator isn't sql injection aware ?
Sat Oct 11 06:51:57 2003: ERR: do failed for 'insert into radauthlog
values (1065847917,'~}#','[EMAIL PROTECTED]'} }4',1,'No such
user','DNIS','CLID')': You have an error in your SQL syntax near '}
}4',1,'No such user','DNIS','CLID')' at line 1
S
--
For proper viewing, take red pill now
   Futurama
AdamP.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) AuthBy SQL problem

2002-01-07 Thread Hugh Irvine 


Hello Sam -

Just specify a suitable AuthSelect:

AuthSelect select PASSWORD where USERNAME = '%n' and STATUS = 'T'
AuthColumnDef 0, User-Password, check

regards

Hugh


On Tue, 8 Jan 2002 12:09, Sam Cheung wrote:
 Hi genius,

 I am using AuthBy SQL to authenticate users. However, I would like to
 verifiy the user's username, password and status=T. So, How, can I
 rewrite the statement in sq.cfg to make it works.
 Thanks so much for paying attention.

 ---
 Regards,

 Sam Cheung
 E-mail: [EMAIL PROTECTED]


 ===
 Archive at http://www.open.com.au/archives/radiator/
 Announcements on [EMAIL PROTECTED]
 To unsubscribe, email '[EMAIL PROTECTED]' with
 'unsubscribe radiator' in the body of the message.

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.