(RADIATOR) Question in <AuthBy EXTERNAL>

Man Meng Fei mf_man at unifiedcomms.com
Thu Oct 2 20:22:33 CDT 2003


Hi Mke and Hugh
May i know how should i pass the parameter into the perl script when i
execute <AUTH EXTERNAL> and how can get the result after execute the
perl script ?

Thank 

MAN

-----Original Message-----
From: owner-radiator at open.com.au [mailto:owner-radiator at open.com.au] On
Behalf Of Man Meng Fei
Sent: Thursday, October 02, 2003 1:58 PM
To: 'Mike McCauley'; 'Hugh Irvine'
Cc: radiator at open.com.au
Subject: RE: (RADIATOR) Question in <AuthBy EXTERNAL>


Hi
Do i need to pass any parameter to testcommand.pl ?


MAN

-----Original Message-----
From: owner-radiator at open.com.au [mailto:owner-radiator at open.com.au] On
Behalf Of Mike McCauley
Sent: Thursday, October 02, 2003 12:36 PM
To: Hugh Irvine; mf_man at unifiedcomms.com
Cc: radiator at open.com.au
Subject: Re: (RADIATOR) Question in <AuthBy EXTERNAL>


Hi Hugh,

If you look at godies/external.cfg, you will see he needs something like
this:

		Command c:/perl/bin/perl ./goodies/testcommand.pl

DOS does not know how to interpret #!/usr/bin/perl so it cant run 
C:\Perl\bin\testcommand.pl without some cluues.

Cheers.


On Thu, 2 Oct 2003 12:23 pm, Hugh Irvine wrote:
> Hello Man Meng Fei -
>
> I suspect that Radiator is not able to run the external command.
>
> What happens when you run the following in a MS-DOS window:
>
> 	C:\Perl\bin\testcommand.pl
>
> There is probably something wrong with either the path or the contents

> of the file.
>
> regards
>
> Hugh
>
>
> On Thursday, Oct 2, 2003, at 03:56 Australia/Melbourne, Man Meng Fei
>
> wrote:
> > Hi
> > Currently i am using a sample configuration (external.cfg) and perl
> > script (testcommand.pl) which can be retrieved from goodies 
> > directory to understand the implementation of <AuthBy EXTERNAL>.
> > But after i executed it, i can't get the expected test result. I got
No
> > Reply at Radius client. I hope someone can help me to make this
<AuthBy
> > EXTERNAL> sample working.
> >
> > Lastly i attached Radius Configration file which i used for the
> > testing and Radius Server and Radius Client's output result
> >
> > Man Meng Fei
> >
> >
> >
> > ----------radius.cfg-----------
> > # external.cfg
> > #
> > # Example Radiator configuration file.
> > # This very simple file will allow you to get started with #
> > EXTERNAL authentication. #
> > # There is an example external program called testcommand.pl
> > # in the goodies directory, whichthe example below uses. It
> > # will accept the request if the username is "fred" otherwise reject
> > # it.
> > #
> > # So if you run Radiator with this config file, then do
> > # radpwtst -noacct -trace -user fred
> > # you will see something like:
> > # sending Access-Request...
> > # OK
> > # Code:       Access-Accept
> > # Identifier: 109
> > # Authentic:  <12>_B<215><2>=<149><140>kBM<130><221><10>.S
> > # Attributes:
> > #         Reply-Message = "you are fred"
> > #
> > #
> > # And if you do:
> > # radpwtst -noacct -trace -user someoneelse
> > # you will see something like:
> > # sending Access-Request...
> > # Rejected
> > # Code:       Access-Reject
> > # Identifier: 70
> > # Authentic:
<165><206>RiJ<208><139><245><129>@<170><136><23>s<24><23>
> > # Attributes:
> > #         Reply-Message = "you are NOT fred, you are 'someoneelse'"
> > #         Reply-Message = "Request Denied"
> >
> >
> > #
> > # You should consider this file to be a starting point only # $Id:
> > external.cfg,v 1.3 2003/09/22 23:30:56 mikem Exp $
> >
> > Foreground
> > LogStdout
> > LogDir		c:/Program Files/Radiator
> > DbDir		c:/Program Files/Radiator
> >
> > Trace 		4
> >
> > # You will probably want to change this to suit your site. <Client
> > DEFAULT>
> > 	Secret	mysecret
> > 	DupInterval 0
> > </Client>
> >
> > <Realm DEFAULT>
> > 	<AuthBy EXTERNAL>
> > 		# For NT, you might want something like this
> > 		Command C:\Perl\bin\testcommand.pl
> >
> > 		# For Unix, maybe something like this
> > #		#Command ./goodies/testcommand.pl
> >
> > 		# This will cause the User-Password
> > 		# to be decrypted before being passed to the
> > 		# external program
> > 		DecryptPassword
> >
> > 		# You might prefer use this to tell AuthBy EXTERNAL
> > 		# to get the result from the first line of the
> > 		# output. The permitted values are ACCEPT, REJECT
> > 		# IGNORE CHALLENGE or REJECT_IMMEDIATE. ON Win98
> > 		# its the only way to get it to work.
> > 		# We recommend you use this method
> > 		ResultInOutput
> > 	</AuthBy>
> > </Realm>
> >
> >
> >
> >
> >
> > -------Radius Server Output--------------------------
> >
> > Microsoft Windows 2000 [Version 5.00.2195]
> > (C) Copyright 1985-2000 Microsoft Corp.
> >
> > C:\Documents and Settings\man\Desktop>PERL c:\perl\bin\radiusd Thu
> > Oct  2 01:16:58 2003: DEBUG: Finished reading configuration file 
> > 'C:\Program  Files\Radiator\radius.cfg'
> > This Radiator license will expire on 2004-02-01
> > This Radiator license will stop operating after 1000 requests
> > To purchase an unlimited full source version of Radiator, see
> > http://www.open.com.au/ordering.html
> > To extend your evaluation period, contact admin at open.com.au
> >
> > Thu Oct  2 01:16:58 2003: DEBUG: Reading dictionary file 'c:/Program

> > Files/Radia tor/dictionary'
> > Thu Oct  2 01:16:58 2003: DEBUG: Creating authentication port 
> > 0.0.0.0:1645 Thu Oct  2 01:16:58 2003: DEBUG: Creating accounting 
> > port
0.0.0.0:1646
> > Thu Oct  2 01:16:58 2003: NOTICE: Server started: Radiator 3.7 on
man
> > (EVALUATIO
> > N)
> > Thu Oct  2 01:18:52 2003: DEBUG: Packet dump:
> > *** Received from 127.0.0.1 port 3006 ....
> > Code:       Access-Request
> > Identifier: 67
> > Authentic:  1234567890123456
> > Attributes:
> >         User-Name = "mikem"
> >         Service-Type = Framed-User
> >         NAS-IP-Address = 203.63.154.1
> >         NAS-Port = 1234
> >         Called-Station-Id = "123456789"
> >         Calling-Station-Id = "987654321"
> >         NAS-Port-Type = Async
> >         User-Password = 
> > "<159><249>:<201><175>\<4><246><188>8<9><160><216>}x<153>"
> >
> > Thu Oct  2 01:18:52 2003: DEBUG: Handling request with Handler
> > 'Realm=DEFAULT' Thu Oct  2 01:18:52 2003: DEBUG:  Deleting session 
> > for mikem, 203.63.154.1, 1234
> > Thu Oct  2 01:18:52 2003: DEBUG: Running command:
> > C:\Perl\bin\testcommand.pl
> > Thu Oct  2 01:25:09 2003: ERR: ResultInOutput is enabled, but the
first
> > line of from the E
> > XTRNAL command is an unknown result code
> > Thu Oct  2 01:25:09 2003: DEBUG: Packet dump:
> > *** Received from 127.0.0.1 port 3006 ....
> > Code:       Accounting-Request
> > Identifier: 68
> > Authentic:
<30>Z<190><154>(<20><153><30><10>c<24><237><243><176>V<236>
> > Attributes:
> >         User-Name = "mikem"
> >         Service-Type = Framed-User
> >         NAS-IP-Address = 203.63.154.1
> >         NAS-Port = 1234
> >         NAS-Port-Type = Async
> >         Acct-Session-Id = "00001234"
> >         Acct-Status-Type = Start
> >         Called-Station-Id = "123456789"
> >         Calling-Station-Id = "987654321"
> >         Acct-Delay-Time = 0
> >
> > Thu Oct  2 01:25:09 2003: DEBUG: Handling request with Handler
> > 'Realm=DEFAULT' Thu Oct  2 01:25:09 2003: DEBUG:  Adding session for

> > mikem, 203.63.154.1, 1234
> > Thu Oct  2 01:25:09 2003: DEBUG: Running command: 
> > C:\Perl\bin\testcommand.pl
> >
> >
> > -------Radius Client Output-------------------------- Microsoft
> > Windows 2000 [Version 5.00.2195]
> > (C) Copyright 1985-2000 Microsoft Corp.
> >
> > C:\Documents and Settings\man\Desktop>perl c:\perl\bin\radpwtst
> > -user mikem -password fred
> >
> > sending Access-Request...
> > No reply
> > sending Accounting-Request Start...
> > No reply
> > sending Accounting-Request Stop...
> > No reply
> >
> > C:\Documents and Settings\man\Desktop>
> >
> > ===
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on radiator-announce at open.com.au
> > To unsubscribe, email 'majordomo at open.com.au' with 'unsubscribe
> > radiator' in the body of the message.
>
> NB: have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985                       Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS etc.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list