Re: radius-apache authentication problem
FWIW, I have had a chance to test this on 2.2.3 and it did not work for me either. Not sure if it is a bug in apache or a change has been made and the mod_auth modules need updating. On 3/29/07, Nick Owen <[EMAIL PROTECTED]> wrote: > On 3/28/07, Ramazan Ulker <[EMAIL PROTECTED]> wrote: > > Hi > > these are error lines in apache error log and apache conf files. thanks for > > your assistance > > No problem. The fewer passwords the better :). I don't see anything > that stands out. However, when I set up apache with our two-factor I > did everything inside of httpd.conf inside the vhost listing: > > > > > AuthType Basic > AuthName "WiKID Two-factor + Apache" > AuthXRadiusAddServer "wikid_server:1812" "radius_secret" > AuthXRadiusTimeout 7 > AuthXRadiusRetries 2 > require valid-user > > > > So, perhaps apache is getting confused about what mechanism to use > where, putting it all in one place might clarify things. > > HTH, > > Nick > > -- > Nick Owen > WiKID Systems, Inc. > 404.962.8983 (desk) > 404.542.9453 (cell) > http://www.wikidsystems.com > At last, two-factor authentication, without the hassle factor > Now open source: http://sourceforge.net/projects/wikid-twofactor/ > -- Nick Owen WiKID Systems, Inc. 404.962.8983 (desk) 404.542.9453 (cell) http://www.wikidsystems.com At last, two-factor authentication, without the hassle factor Now open source: http://sourceforge.net/projects/wikid-twofactor/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radius-apache authentication problem
On 3/28/07, Ramazan Ulker <[EMAIL PROTECTED]> wrote: > Hi > these are error lines in apache error log and apache conf files. thanks for > your assistance No problem. The fewer passwords the better :). I don't see anything that stands out. However, when I set up apache with our two-factor I did everything inside of httpd.conf inside the vhost listing: AuthType Basic AuthName "WiKID Two-factor + Apache" AuthXRadiusAddServer "wikid_server:1812" "radius_secret" AuthXRadiusTimeout 7 AuthXRadiusRetries 2 require valid-user So, perhaps apache is getting confused about what mechanism to use where, putting it all in one place might clarify things. HTH, Nick -- Nick Owen WiKID Systems, Inc. 404.962.8983 (desk) 404.542.9453 (cell) http://www.wikidsystems.com At last, two-factor authentication, without the hassle factor Now open source: http://sourceforge.net/projects/wikid-twofactor/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radius-apache authentication problem
Hi these are error lines in apache error log and apache conf files. thanks for your assistance [Wed Mar 28 09:26:27 2007] [error] [client 127.0.0.1] (9)Bad file descriptor: Could not open password file: (null) [Wed Mar 28 09:26:27 2007] [crit] [client 127.0.0.1] configuration error: couldn't check user. No user file?: /favicon.ico .htaccess file content AuthType Basic AuthBasicAuthoritative off AuthName "RADIUS authentication for localhost" AuthXRadiusAddServer "localhost:1812" "testing123" AuthXRadiusTimeout 2 AuthXRadiusRetries 2 require valid-user httpd.conf relevant part vhost.conf is similar except directory path DocumentRoot "/home/web" Options FollowSymLinks AllowOverride All Order allow,deny Allow from all and apache modules APACHE_MODULES="actions alias auth_xradius auth_basic authn_file authz_host authz_groupfile authz_default authz_user authn_dbm autoindex cgi dir env expires include info log_config mime negotiation setenvif ssl suexec status userdir php5 vhost_alias" these modules suceessfully imported to loadmodule.conf On 3/27/07, Nick Owen <[EMAIL PROTECTED]> wrote: On 3/27/07, Ramazan Ulker <[EMAIL PROTECTED]> wrote: > no change, same errors. mod_auth_xradius don't work in apache 2.2.3 I have only tested with 2.2.2. FWIW, authn_file_module is loaded. Why don't you post the relevant portions of your htaccess and httpd.conf files. -- Nick Owen WiKID Systems, Inc. 404.962.8983 (desk) 404.542.9453 (cell) http://www.wikidsystems.com At last, two-factor authentication, without the hassle factor Now open source: http://sourceforge.net/projects/wikid-twofactor/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radius-apache authentication problem
On 3/27/07, Ramazan Ulker <[EMAIL PROTECTED]> wrote: > no change, same errors. mod_auth_xradius don't work in apache 2.2.3 I have only tested with 2.2.2. FWIW, authn_file_module is loaded. Why don't you post the relevant portions of your htaccess and httpd.conf files. -- Nick Owen WiKID Systems, Inc. 404.962.8983 (desk) 404.542.9453 (cell) http://www.wikidsystems.com At last, two-factor authentication, without the hassle factor Now open source: http://sourceforge.net/projects/wikid-twofactor/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radius-apache authentication problem
no change, same errors. mod_auth_xradius don't work in apache 2.2.3 On 3/26/07, Nick Owen <[EMAIL PROTECTED]> wrote: You might try using mod_auth_xradius: http://www.outoforder.cc/projects/apache/mod_auth_xradius/ More information can be found here: http://www.howtoforge.com/apache_radius_two_factor_authentication HTH, Nick On 3/26/07, Ramazan Ulker <[EMAIL PROTECTED]> wrote: > Hi > I want to implement otp authentication for a web site. Radius and otp > scripts works well together but apache don't send any authentication data to > radius. I followed instructions in > http://www.freeradius.org/mod_auth_radius/ but apache > mod_authn_file wants passwords and could not be disabled. when i removed the > module no authn provider configured are seen in apache error logs. Changing > AuthBasicAuthorative on or off in .htaccess didn't solve the problem. > Problem stems from apache but someone solves such a problem can respond me. > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > -- Nick Owen WiKID Systems, Inc. 404.962.8983 (desk) 404.542.9453 (cell) http://www.wikidsystems.com At last, two-factor authentication, without the hassle factor Now open source: http://sourceforge.net/projects/wikid-twofactor/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radius-apache authentication problem
You might try using mod_auth_xradius: http://www.outoforder.cc/projects/apache/mod_auth_xradius/ More information can be found here: http://www.howtoforge.com/apache_radius_two_factor_authentication HTH, Nick On 3/26/07, Ramazan Ulker <[EMAIL PROTECTED]> wrote: > Hi > I want to implement otp authentication for a web site. Radius and otp > scripts works well together but apache don't send any authentication data to > radius. I followed instructions in > http://www.freeradius.org/mod_auth_radius/ but apache > mod_authn_file wants passwords and could not be disabled. when i removed the > module no authn provider configured are seen in apache error logs. Changing > AuthBasicAuthorative on or off in .htaccess didn't solve the problem. > Problem stems from apache but someone solves such a problem can respond me. > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > -- Nick Owen WiKID Systems, Inc. 404.962.8983 (desk) 404.542.9453 (cell) http://www.wikidsystems.com At last, two-factor authentication, without the hassle factor Now open source: http://sourceforge.net/projects/wikid-twofactor/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
radius-apache authentication problem
Hi I want to implement otp authentication for a web site. Radius and otp scripts works well together but apache don't send any authentication data to radius. I followed instructions in http://www.freeradius.org/mod_auth_radius/ but apache mod_authn_file wants passwords and could not be disabled. when i removed the module no authn provider configured are seen in apache error logs. Changing AuthBasicAuthorative on or off in .htaccess didn't solve the problem. Problem stems from apache but someone solves such a problem can respond me. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html