(RADIATOR) PEAP config and proxying

Rute Sofia rsofia at seas.upenn.edu
Mon Apr 21 05:07:23 CDT 2003 

Hello Christian, Hugh ,

UserNamewithoutRealms does not work with the inner peap authentication, 
the same thing happens, i.e., there's no stripping of the realm on the 
inner credentials. However, the problem is solved, since Mike and Hugh 
provided a patch that allows to use the rewriteusername clause within 
the authby, for mschap-v2.

regards,
rute

Hugh Irvine wrote:

>
> Hello Christian, Hello Rute -
>
> I'm not sure if this will work or not - try it and see and let me know 
> if it does.
>
> regards
>
> Hugh
>
>
> On Thursday, Apr 17, 2003, at 04:01 Australia/Melbourne, Christian 
> Wiedmann wrote:
>
>> I see what you're saying.  Can you use UsernameMatchesWithoutRealm 
>> (in the
>> AuthBy FILE) to get the right behavior on the inner auth?
>>
>>     -Christian
>>
>> On Wed, 16 Apr 2003, Rute Sofia wrote:
>>
>>> As Hugh said, there's no way to move the rewrite to the inner request,
>>> right? That is actually a problem because as Hugh said, it obliges our
>>> users to enter the name without the domain.
>>>
>> < >
>>
>>>> Also, you didn't mention whether you want to forward just the inner 
>>>> request,
>>>> or the whole PEAP transaction.  The way you've written the config 
>>>> right now
>>>> makes it look like you're doing the latter.  If this is 
>>>> unintentional, you
>>>> probably want to add a TunneledByPEAP=1 to the forwarding handler.  
>>>> Otherwise,
>>>> add TunneledByPeap=0 to prevent it from trying to forward failed inner
>>>> requests.
>>>>
>>>>
>>> I want to fw the whole transaction. And that is working. My only 
>>> problem
>>> is handling credentials (inner) that arrive as user at mydomain.xpto.
>>>
>>>
>>> Regards,
>>> Rute
>>>
>>> ===
>>> Archive at http://www.open.com.au/archives/radiator/
>>> Announcements on radiator-announce at open.com.au
>>> To unsubscribe, email 'majordomo at open.com.au' with
>>> 'unsubscribe radiator' in the body of the message.
>>>
>>
>>
>
> NB: have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
>


===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list