(RADIATOR) AuthBy SQL problem
Hugh Irvine
hugh at open.com.au
Wed Oct 15 17:04:52 CDT 2003
Hello Adam -
All you really need to do is use a RewriteUsername and a
CaseInsensitivePasswords with a single AuthBy SQL.
regards
Hugh
On Thursday, Oct 16, 2003, at 00:27 Australia/Melbourne, Adam
Pogorzelski wrote:
> Hello,
> I have such a problem. I have users in mysql database, and few so
> called
> multilogin users. These multilogins have simple passwords created by
> username, for example ppp/ppp. Problem is, that i need to authenticate
> these combination as the same user:
> ppp/ppp, PPP/PPP, ppp/PPP, PPP/ppp.
> For now i am including to one Handler two authby's config files,
> one with normal AuthSelect, and second with Authselect 'select
> ucase(PASSWORD)'.
> Because i have many Handlers, and for each Handler is two configs, i
> want
> to minimize all configuration.
> So my question is: is it possible to put in AuthBy clause two
> AuthSelect's ?
> Similiar to AuthByPolicy ?
>
> Btw, for each failed Radius::AuthSQL i have one insert to database with
> info about it, and if i have four login/pass combination, i can have
> three
> inserts to database with fail info.
>
> ps. I may be wrong, but does Radiator isn't sql injection aware ?
> Sat Oct 11 06:51:57 2003: ERR: do failed for 'insert into radauthlog
> values (1065847917,'~}#','F~~}#@!}!}'} }4',1,'No such
> user','DNIS','CLID')': You have an error in your SQL syntax near '}
> }4',1,'No such user','DNIS','CLID')' at line 1
> S
>
> --
> "For proper viewing, take red pill now"
> Futurama
> AdamP.
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list