(RADIATOR) Problem stopping users from logging in as username@
Mike McCauley
mikem at open.com.au
Sat Jul 28 14:20:08 CDT 2001
--- Forwarded mail from owner-radiator at open.com.au
From: owner-radiator at open.com.au
Date: Fri, 27 Jul 2001 18:00:34 -0500
To: radiator-approval at open.com.au
Subject: BOUNCE radiator at open.com.au: Non-member submission from [Elias
<elias at tmnet.com.my>]
>From mikem at server1.open.com.au Fri Jul 27 18:00:33 2001
Received: from ipop3 (ipop3.tm.net.my [202.188.0.247])
by server1.open.com.au (8.11.0/8.11.0) with ESMTP id f6RN0W310546
for <radiator at open.com.au>; Fri, 27 Jul 2001 18:00:33 -0500
Disposition-notification-to: elias at tmnet.com.my
Received: from elias (parkview-100-227.tm.net.my [202.188.100.227])
by ipop3.tm.net.my (iPlanet Messaging Server 5.1 (built May 7 2001))
with SMTP id <0GH500M2YRPY6U at ipop3.tm.net.my> for radiator at open.com.au; Sat,
28 Jul 2001 08:51:34 +0800 (SGT)
Date: Sat, 28 Jul 2001 08:55:04 +0800
From: Elias <elias at tmnet.com.my>
Subject: Problem stopping users from logging in as username@
To: radiator at open.com.au
Message-id: <002b01c116ff$f2b982c0$150010ac at tm.net.my>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
X-Mailer: Microsoft Outlook Express 5.50.4522.1200
Content-type: text/plain; charset=iso-8859-1
Content-transfer-encoding: 7BIT
X-Priority: 3
X-MSMail-priority: Normal
Hi Hugh,
I've got a puzzling problem here and I hope that you can help me out. I want
to stop users from logging in with username at . These logins messes up the
billing process (users get charged as roaming). Below is a sample of my
config file. I've tested the config using radpwtst and it works fine. Logins
with just an @ without any domain gets rejected. The problem is whenever a
user dials-up and puts just the @ after his/her username, the system lets
him/her through. Is there anything else I need to do with my config? BTW,
I'm using Radiator-2.18.2.
Sample output from radpwtst :
radius12: # radpwtst -user test123 -password xxx -noacct
sending Access-Request...
OK
radius12: # radpwtst -user test123@ -password xxx -noacct
sending Access-Request...
Rejected: No such user
---- radius.cfg ---
<Realm >
#RewriteUsername s/^([^@]+).*/$1/
RewriteUsername tr/[A-Z]/[a-z]/
RejectHasReason
AuthByPolicy ContinueWhileIgnore
<AuthBy SQL>
FailureBackoffTime 1
DBSource dbi:Oracle:host=xxx;sid=subscbr
DBUsername xxx
DBAuth xxx
Timeout 30
DBSource dbi:Oracle:host=xxx;sid=subscbr
DBUsername xxx
DBAuth xxx
Timeout 30
AuthSelect select ENCRYPTEDPASSWORD, reply_attr from \
SUBSCRIBERS where LOGIN='%n' and STATUS=1
AuthColumnDef 0, Encrypted-Password, check
AuthColumnDef 1, GENERIC, reply
</AuthBy>
</Realm>
<Realm DEFAULT>
#RewriteUsername s/^([^@]+).*/$1/
RewriteUsername tr/[A-Z]/[a-z]/
AuthByPolicy ContinueAlways
RejectHasReason
<AuthBy RADIUS>
Host xxx
Secret xxx
AuthPort 1645
AcctPort 1646
Retries 1
RetryTimeout 60
AddToReply Framed-Protocol = PPP,\
Service-Type = Framed-User,\
Framed-IP-Netmask = 255.255.255.255,\
Framed-Routing = Listen,\
Framed-MTU = 1500,\
Framed-Compression = Van-Jacobson-TCP-IP
</AuthBy>
</Realm>
- Elias -
---End of forwarded mail from owner-radiator at open.com.au
--
Mike McCauley mikem at open.com.au
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list