(RADIATOR) PEAP config and proxying
Rute Sofia
rsofia at seas.upenn.edu
Wed Apr 16 05:00:34 CDT 2003
>
>
>You've attached the RewriteUserName to the Handler for the outer request, not
>the inner. Since the actual user name being authenticated is in the TLS tunnel,
>it is not rewritten (see the MSCHAP-V2 debug messages). You probably need to
>move the RewriteUserName to the inner handler.
>
>
As Hugh said, there's no way to move the rewrite to the inner request,
right? That is actually a problem because as Hugh said, it obliges our
users to enter the name without the domain.
>
>Also, you didn't mention whether you want to forward just the inner request,
>or the whole PEAP transaction. The way you've written the config right now
>makes it look like you're doing the latter. If this is unintentional, you
>probably want to add a TunneledByPEAP=1 to the forwarding handler. Otherwise,
>add TunneledByPeap=0 to prevent it from trying to forward failed inner
>requests.
>
>
I want to fw the whole transaction. And that is working. My only problem
is handling credentials (inner) that arrive as user at mydomain.xpto.
Regards,
Rute
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list