(RADIATOR) Don't want to check for users DEFAULT and DEFAULT1 with AuthBy SQL
Hugh Irvine
hugh at open.com.au
Mon Mar 17 16:02:30 CST 2003
Hello Antonio -
You should use the NoDefault parameter in your AuthBy SQL clause:
<AuthBy SQL>
....
NoDefault
....
</AuthBy>
See section 6.17.12 in the Radiator 3.5 reference manual.
regards
Hugh
On Tuesday, Mar 18, 2003, at 04:31 Australia/Melbourne, Antonio J.
Anton wrote:
> Hello,
>
> I'm configuring Radiator (3.5+patches) in order to work with a
> Subscriber database in mysql. It works fine if the user is in the
> database, but if the user isn't, then Radiator tries to find a user
> 'DEFAULT' which is in the database as a private customer (so the
> password doesn't matchs), then it tries to find a user 'DEFAULT1' that
> isn't in the database.
>
> How can I remove these checks for users DEFAULT and DEFAULT1 for every
> user not in the database?
>
> Thanks in advance,
> Antonio
>
> --------- extract radiator.cfg ----------------
>
> <Realm zzzz>
> ...
> <AuthBy SQL>
> DBSource dbi:mysql:radius:zzz
> DBUsername xxx
> DBAuth yyy
> AuthSelect select PASSWORD, CHECK_ITEMS, REPLY_ITEMS
> from SUBSCRIBERS where LOGIN=%0 and ACTIVO=1
> AuthColumnDef 0, User-Password, check
> AuthColumnDef 1, GENERIC, check
> AuthColumnDef 2, GENERIC, reply
> </AuthBy>
> ...
> </Realm>
>
> ------------ extract logfile LEVEL=4 ---------------
>
> Mon Mar 17 18:12:34 2003: DEBUG: Packet dump:
> *** Received from 172.17.70.24 port 53948 ....
> Code: Access-Request
> Identifier: 184
> Authentic: 1234567890123456
> Attributes:
> User-Name = "qqq at zzzz"
> Service-Type = Framed-User
> NAS-Identifier = "10.10.10.1"
> NAS-Port = 1234
> Client-Port-DNIS = "915554433"
> Caller-Id = "912151059"
> NAS-Port-Type = Async
>
> ...
> Mon Mar 17 18:12:34 2003: DEBUG: DBSSQL Deleting session for qqq ....
> Mon Mar 17 18:12:34 2003: DEBUG: do query is: delete from RADONLINE
> where NASIDENTIFIER='qqq' and NASPORT=01234
>
> Mon Mar 17 18:12:34 2003: DEBUG: Query is: select NASIDENTIFIER,
> NASPORT, ACCTSESSIONID from RADONLINE where USERNAME='qqq'
>
> Mon Mar 17 18:12:34 2003: DEBUG: Handling with Radius::AuthGROUP
> Mon Mar 17 18:12:34 2003: DEBUG: Handling with Radius::AuthSQL
> Mon Mar 17 18:12:34 2003: DEBUG: Handling with Radius::AuthSQL:
> Mon Mar 17 18:12:34 2003: DEBUG: Query is: select PASSWORD,
> CHECK_ITEMS,
> REPLY_ITEMS from SUBSCRIBERS where LOGIN='qqq' and ACTIVO=1
>
> Mon Mar 17 18:12:34 2003: DEBUG: Radius::AuthSQL looks for match with
> qqq
> Mon Mar 17 18:12:34 2003: DEBUG: Query is: select PASSWORD,
> CHECK_ITEMS,
> REPLY_ITEMS from SUBSCRIBERS where LOGIN='DEFAULT' and ACTIVO=1
>
> Mon Mar 17 18:12:34 2003: DEBUG: Radius::AuthSQL looks for match with
> DEFAULT
> Mon Mar 17 18:12:34 2003: DEBUG: Radius::AuthSQL REJECT: Bad Password
> Mon Mar 17 18:12:34 2003: DEBUG: Query is: select PASSWORD,
> CHECK_ITEMS,
> REPLY_ITEMS from SUBSCRIBERS where LOGIN='DEFAULT1' and ACTIVO=1
>
>
> Mon Mar 17 18:12:34 2003: INFO: Access rejected for qqq: No such user
> Mon Mar 17 18:12:34 2003: DEBUG: Packet dump:
> *** Sending to 172.17.70.24 port 53948 ....
> Code: Access-Reject
> Identifier: 184
> Authentic: 1234567890123456
> Attributes:
> Reply-Message = "Request Denied"
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list