(RADIATOR) Problem stopping users from logging in as username@

Hugh Irvine hugh at open.com.au
Sat Jul 28 04:24:30 CDT 2001 

Hello Elias -

I would have thought you could use a global RewriteAUsername like this:

# remove trailing "@" sign

RewriteUsername s/\@$//

hth

Hugh


>
>I've got a puzzling problem here and I hope that you can help me out. I want
>to stop users from logging in with username at . These logins messes up the
>billing process (users get charged as roaming). Below is a sample of my
>config file. I've tested the config using radpwtst and it works fine. Logins
>with just an @ without any domain gets rejected. The problem is whenever a
>user dials-up and puts just the @ after his/her username, the system lets
>him/her through. Is there anything else I need to do with my config? BTW,
>I'm using Radiator-2.18.2.
>
>
>Sample output from radpwtst :
>
>radius12: # radpwtst -user test123 -password xxx -noacct
>sending Access-Request...
>OK
>radius12: # radpwtst -user test123@ -password xxx -noacct
>sending Access-Request...
>Rejected: No such user
>
>
>---- radius.cfg ---
>
><Realm >
>         #RewriteUsername s/^([^@]+).*/$1/
>         RewriteUsername  tr/[A-Z]/[a-z]/
>
>         RejectHasReason
>         AuthByPolicy ContinueWhileIgnore
>
>         <AuthBy SQL>
>         FailureBackoffTime 1
>         DBSource        dbi:Oracle:host=xxx;sid=subscbr
>         DBUsername      xxx
>         DBAuth          xxx
>         Timeout 30
>
>         DBSource        dbi:Oracle:host=xxx;sid=subscbr
>         DBUsername      xxx
>         DBAuth          xxx
>         Timeout 30
>
>         AuthSelect select ENCRYPTEDPASSWORD, reply_attr from \
>                  SUBSCRIBERS where LOGIN='%n' and STATUS=1
>         AuthColumnDef 0, Encrypted-Password, check
>         AuthColumnDef 1, GENERIC, reply
>
>         </AuthBy>
></Realm>
>
>
><Realm DEFAULT>
>         #RewriteUsername s/^([^@]+).*/$1/
>         RewriteUsername        tr/[A-Z]/[a-z]/
>
>         AuthByPolicy ContinueAlways
>         RejectHasReason
>
>         <AuthBy RADIUS>
>                 Host xxx
>                 Secret xxx
>                 AuthPort 1645
>                 AcctPort 1646
>         Retries 1
>         RetryTimeout 60
>         AddToReply Framed-Protocol = PPP,\
>         Service-Type = Framed-User,\
>         Framed-IP-Netmask = 255.255.255.255,\
>         Framed-Routing = Listen,\
>         Framed-MTU = 1500,\
>         Framed-Compression = Van-Jacobson-TCP-IP
>         </AuthBy>
></Realm>
>
>
>- Elias -
>
>
>
>
>
>
>---End of forwarded mail from owner-radiator at open.com.au
>
>--
>Mike McCauley                               mikem at open.com.au
>Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
>24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
>Phone +61 3 9598-0985                       Fax   +61 3 9598-0955
>
>Radiator: the most portable, flexible and configurable RADIUS server
>anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc
>on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
>===
>Archive at http://www.open.com.au/archives/radiator/
>Announcements on radiator-announce at open.com.au
>To unsubscribe, email 'majordomo at open.com.au' with
>'unsubscribe radiator' in the body of the message.

-- 

NB: I am travelling this week, so there may be delays in our correspondence.

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list