(RADIATOR) PAP and CHAP in the same realm
Hugh Irvine
hugh at open.com.au
Wed Jan 22 15:58:01 CST 2003
Hello Terry -
Radiator will handle either PAP or CHAP automatically, as long as the
passwords are stored in cleartext.
regards
Hugh
On Thursday, Jan 23, 2003, at 05:59 Australia/Melbourne, terry at ccis.net
wrote:
> We are currently authenticating via Unix-encrypted passwords stored
> locally
> on the radiator server. We're signing up with a nationwide service that
> uses Qwest as one of their providers, and therefore requires us to use
> both
> PAP and CHAP authentication. I have access to the plaintext
> username/password pairs in a MySQL database, but I have no idea how to
> set
> up for CHAP or possibly PAP in the same realm. Is anybody else set up
> using
> a similar mechanism, and could you give me an idea how you addressed
> the
> problem? Here is what we currently use, if that is of any help: (the
> new
> MySQL database is "plat_rpl", and the table is "customer", in case it
> matters)
>
> <Handler>
> # remove the "@domain" part (if it exists)
> RewriteUsername s/^([^@]+).*/$1/
> # remove spaces
> RewriteUsername s/\s//g
> AuthByPolicy ContinueAlways
> AcctLogFileName %L/detail
> AuthLog logger1
> <AuthBy SQL>
> # AuthSelect with empty string means dont do auth
> AuthSelect
> DBSource dbi:mysql:radius
> DBUsername XXXXXXX
> DBAuth XXXXXXX
> AccountingTable ACCOUNTING
> AcctColumnDef USERNAME,User-Name
> AcctColumnDef TIME_STAMP,Timestamp,integer
> AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
> AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
> AcctColumnDef
> ACCTINPUTOCTETS,Acct-Input-Octets,integer
> AcctColumnDef
> ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
> AcctColumnDef ACCTSESSIONID,Acct-Session-Id
> AcctColumnDef
> ACCTSESSIONTIME,Acct-Session-Time,integer
> AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
> AcctColumnDef
> ASCENDDISCONNECTCAUSE,Ascend-Disconnect-Cause
> AcctColumnDef ASCENDDATARATE,Ascend-Data-Rate
> AcctColumnDef ASCENDXMITRATE,Ascend-Xmit-Rate
> AcctColumnDef
> ASCENDCONNECTPROGRESS,Ascend-Connect-Progress
> AcctColumnDef NASIDENTIFIER,NAS-Identifier
> AcctColumnDef NASPORT,NAS-Port,integer
> AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
> AcctColumnDef NASIPADDRESS,NAS-IP-Address
> AcctColumnDef CALLEDSTATIONID,Called-Station-Id
> AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
> AcctColumnDef CONNECTINFO,Connect-Info
> </AuthBy>
> # Make sure they appear in the users2 file
> # Anyone with Auth-Type=UNIX in the users2 file will be
> # authenticated with the AuthBy UNIX above
> <AuthBy FILE>
> Filename %D/users2
> </AuthBy>
>
> </Handler>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list