(RADIATOR) AuthSQL looks for match

William Hernandez whr at essnet.com
Fri Oct 5 14:22:00 CDT 2001 

Hello everyone,

We have users that will be handled by the handler clause
Handler Called-Station-Id=/5050$/.

Some accounts will be assigned an IP address that is found
in the users file. All users will be authenticated against
Platypus.

We're testing using:
radpwtst -trace -s www.prw.net -user cumminspr -password
mypassword -auth_port 1812 -
noacct -secret mysecret -dictionary /etc/raddb/dictionary.prw
Called-Station-Id
=6415050

There's a problem in

Fri Oct  5 15:03:26 2001: DEBUG: Query is: select password,
active, timeleft, bl
ockuser, guarantor from customer where username='cumminspr' and
active='Y'
Fri Oct  5 15:03:26 2001: DEBUG: Radius::AuthSQL looks for match
with cumminspr@
prdigital.com

In the first line there's a username='cumminspr' which is what I
expect to see in '%u'. However, the AuthSQL says that it's
looking for 'cumminspr at prdigital.com' and fails. Where did I go
wrong?

Thanks in advance,
William
Using Radiator 2.18.2 on RH 7.1.

----------------------------------- Users
file ------------------------------------
cumminspr at prdigital.com
        Service-Type = Framed-User,
        Framed-Protocol = PPP,
        Framed-IP-Address = 208.249.79.280,
        Framed-IP-Netmask = 255.255.255.255,
        Framed-Compression = Van-Jacobson-TCP-IP,
        Ascend-Idle-Limit = 0,
        Idle-Timeout = 0

----------------------------------
radius.cfg ------------------------------------
<AuthBy FILE>
        Identifier Check-FILE
        Filename /etc/raddb/users
        NoDefaultIfFound
</AuthBy>

<AuthBy SQL>
        Identifier prdigital-plat

        DBSource        dbi:Sybase:database=prdigital
        DBUsername    *
        DBAuth            *

        AuthSelect select password, active, timeleft, blockuser,
guarantor \
               from customer where username='%u' and active='Y'
        AuthColumnDef   0, User-Password, check

        AddToReply Service-Type = Framed-User, \
                Framed-Protocol = PPP, \
                Framed-IP-Netmask = 255.255.255.255, \
                Framed-Compression = Van-Jacobson-TCP-IP, \
                Ascend-Idle-Limit = 900
         NoDefault
</AuthBy>

<Handler Called-Station-Id=/5050$/>
        RewriteUsername s/(.*)/$1\@prdigital.com/
        SessionDatabase prdigital-sessiondb

        AuthByPolicy ContinueUntilLastAuthBy
        AuthBy Check-FILE
        AuthBy prdigital-plat

        PostAuthHook file:"/etc/raddb/setSessionTimeout"
        AcctLogFileName /var/log/radacct/prdigital/detail
        PasswordLogFileName
/var/log/radacct/prdigital/radius.log
        ExcludeFromPasswordLog  root
</Handler>

----------------------------------- Here's a trace
4 ------------------------------------.
Fri Oct  5 15:00:19 2001: INFO: Server started: Radiator 2.18.2
on www.prw.net
Fri Oct  5 15:00:23 2001: INFO: Trace level changed to 4
Fri Oct  5 15:00:23 2001: INFO: Trace level increased to 4
Fri Oct  5 15:03:25 2001: DEBUG: Packet dump:
*** Received from 208.249.78.3 port 50990 ....
Code:       Access-Request
Identifier: 250
Authentic:  1234567890123456
Attributes:
        User-Name = "cumminspr"
        Service-Type = Framed-User
        NAS-IP-Address = 203.63.154.1
        NAS-Port = 1234
        NAS-Port-Type = Async
        User-Password =
"<215><138><169><156><243>$<144><5><164><133><228><174><
1>H<30>x"
        Called-Station-Id = "6415050"

Fri Oct  5 15:03:25 2001: DEBUG: Check if Handler
Realm=surfea.net should be use
d to handle this request
Fri Oct  5 15:03:25 2001: DEBUG: Check if Handler
Realm=prwebtv.net should be us
ed to handle this request
Fri Oct  5 15:03:25 2001: DEBUG: Check if Handler
Realm=prdigital.com should be
used to handle this request
Fri Oct  5 15:03:25 2001: DEBUG: Check if Handler
Called-Station-Id=/5050$/ shou
ld be used to handle this request
Fri Oct  5 15:03:25 2001: DEBUG: Handling request with Handler
'Called-Station-I
d=/5050$/'
Fri Oct  5 15:03:25 2001: DEBUG: Rewrote user name to
cumminspr at prdigital.com
Fri Oct  5 15:03:25 2001: DEBUG: prdigital-sessiondb Deleting
session for cummin
spr, 203.63.154.1, 1234
Fri Oct  5 15:03:25 2001: DEBUG: do query is: delete from
RADONLINE where NASIDE
NTIFIER='203.63.154.1' and NASPORT=01234

Fri Oct  5 15:03:25 2001: DEBUG: Handling with Radius::AuthFILE
Fri Oct  5 15:03:25 2001: DEBUG: Radius::AuthFILE looks for match
with cumminspr
@prdigital.com
Fri Oct  5 15:03:25 2001: DEBUG: Radius::AuthFILE ACCEPT:
Fri Oct  5 15:03:25 2001: DEBUG: Handling with Radius::AuthSQL
Fri Oct  5 15:03:26 2001: DEBUG: Handling with Radius::AuthSQL
Fri Oct  5 15:03:26 2001: DEBUG: Query is: select password,
active, timeleft, bl
ockuser, guarantor from customer where username='cumminspr' and
active='Y'

Fri Oct  5 15:03:26 2001: DEBUG: Radius::AuthSQL looks for match
with cumminspr@
prdigital.com
Fri Oct  5 15:03:26 2001: DEBUG: Radius::AuthSQL REJECT: Bad
Password
Fri Oct  5 15:03:26 2001: DEBUG: Processing
PostAuthHook:setSessionTimeout
Fri Oct  5 15:03:26 2001: DEBUG: setSessionTimeout: username is:
cumminspr at prdig
ital.com
Fri Oct  5 15:03:26 2001: DEBUG: setSessionTimeout:
Called-Station-Id is: 641505
0
Fri Oct  5 15:03:26 2001: INFO: Access rejected for
cumminspr at prdigital.com: Bad
 Password
Fri Oct  5 15:03:26 2001: DEBUG: Packet dump:
*** Sending to 208.249.78.3 port 50990 ....
Code:       Access-Reject
Identifier: 250
Authentic:  1234567890123456
Attributes:
        Framed-IP-Address = 208.249.79.280
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Framed-IP-Netmask = 255.255.255.255
        Framed-Compression = Van-Jacobson-TCP-IP
        Ascend-Idle-Limit = 0
        Idle-Timeout = 0
        Reply-Message = "Request Denied"

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list