(RADIATOR) Radiator, SQL and null passwords
Bon sy
bon at bunny.cs.qc.edu
Fri Jul 25 10:53:02 CDT 2003
Richard,
Could it be something as simple as the following?
select decode(user, <username>, 'ACCEPT', 'DENIED')
from user_table
where user = <username> and pass = <password>;
<username> and <password> are sent from radiator to the Oracle
DB. "user" and "pass" are username and password attributes in a table
called "user_table" in the Oracle DB schema. 'ACCEPT' and 'DENIED' are to
be replaced by whatever attributes of your NAS can recognize.
Bon
On Fri, 25 Jul 2003, Richard Grantham wrote:
> Hi list,
>
> We are authenticating users against an Oracle database and there is a
> particular Radiator (at least I assume it's Radiator) behaviour which we
> would like to eliminate.
>
> Concerning users with null passwords (i.e. a database null in the
> password field. When a password is supplied and the user has a null
> password access is granted. We would like to make it so that if a
> password has been supplied when the user has a null password then access
> is denied. I can't see a configuration attribute for this and. I've
> seen the previous posts on null passwords but they are not really
> related.
>
> Any thoughts?
>
> Richard
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list