Phil Mayers wrote:
How about a config item like so:
username Pap-Auth-DelegateTo := moduleinstancename
and make rlm_pap the ONLY valid option in authorize/authenticate.
rlm_pap, when called in authenticate, checks if the config item is set.
If so, it finds the given module
Alan DeKok wrote:
Phil Mayers wrote:
How about a config item like so:
username Pap-Auth-DelegateTo := moduleinstancename
and make rlm_pap the ONLY valid option in authorize/authenticate.
rlm_pap, when called in authenticate, checks if the config item is set.
If so, it finds the given
Alan DeKok wrote:
In addition, if anyone can figure out a clear way to configure this in
the server, I'd like to know...
How about a config item like so:
usernamePap-Auth-DelegateTo := moduleinstancename
and make rlm_pap the ONLY valid option in authorize/authenticate.
rlm_pap,
Hello all,
I have a configuration where I allow users to get onto the wireless
network by authenticating with EAP-TLS or with EAP-GTC inside of
EAP-TTLS. If they have a cert, then they authenticate with EAP-TLS, and
if they have a password, then they authenticate with EAP-TTLS/EAP-GTC
which in
John T. Guthrie wrote:
As it turns out, I have a configuration that accomplishes all of this
*perfectly*.
If it works...
I should stress, this accomplishes *exactly* what I want. That said, it
also involves explicit setting of Auth-Type. I have seen in more than
one place that this is a
On Fri, 2007-03-16 at 09:40 +0100, Alan DeKok wrote:
John T. Guthrie wrote:
As it turns out, I have a configuration that accomplishes all of this
*perfectly*.
If it works...
Well, it's been doing what I want it to do for about 7+ months, so I'd
say that qualifies as working. ;-) Now
John T. Guthrie wrote:
So are you saying that FreeRADIUS sometimes needs some assistance when
dealing with authentication oracles? That is, it needs to be told when
to use them?
Yes. The oracles are things like Kerberos, Active Directory, or a
proxying to another RADIUS server. There is
7 matches
Mail list logo
