(RADIATOR) User Login Problem Radiator
Hugh Irvine
hugh at open.com.au
Thu Oct 16 15:54:01 CDT 2003
Hello Chanaka -
I suspect your problem is due to a mismatch in the shared secrets, or
the SQL table definitions.
When you send a request from "radpwtst" the source IP address will be
the address of the host on which it is run. You will need a Client
clause on the target Radiator host to match with the correct shared
secret.
From the debug it appears you are running "radpwtst" on this host:
172.25.40.38 so you will need a Client clause for it with a secret of
"cisco" if you want it to match what you show below.
BTW - the problem may also be due to your database table definition if
it is returning a padded string. You should be using "varchar" for the
column definitions. Please take a look at the example table definitions
in "goodies/ansiCreate.sql".
regards
Hugh
On Thursday, Oct 16, 2003, at 21:15 Australia/Melbourne, Chanaka Mendis
wrote:
>
> We have been using radius for last two years with LDAP authentication.
> Now We need to transfer our users to ORACLE database.
> Here is a subscriber table details.
> But If I use radpwtst as follows user get rejected with "Bad Password"
>
> Pls Advise on this. I have already spent a week on this.
>
> -=---------------------------------------------------
> perl /radius/Radiator/bin/radpwtst -s 192.5.4.8 -secret cisco -user
> test2 -password t
> perl /radius/Radiator/bin/radpwtst -s 172.25.40.38 -secret cisco -user
> mikem -password fred
> -------------------------------------------------
>
> ------------------------
> SQL> desc SUBSCRIBERS_1
> Name Null? Type
> ----------------------------------------- --------
> --------------------
> --------
> USERNAME NOT NULL CHAR(50)
> PASSWORD CHAR(50)
> ENCRYPTEDPASSWORD CHAR(50)
> CHECKATTR CHAR(200)
> REPLYATTR CHAR(200)
> TIMELEFT NUMBER(38)
>
> ----------------------------------------------------------------
> SOme sql statments
>
> SQL> select PASSWORD from SUBSCRIBERS_1 where USERNAME='mikem';
> PASSWORD
> --------------------------------------------------
> fred
> SQL> select PASSWORD from SUBSCRIBERS_1 where USERNAME='test2';
> PASSWORD
> --------------------------------------------------
> t
>
> SQL>
>
>
> Here is a part of my my config file.
> ------------------------------
> <Realm>
> <AuthBy SQL>
> Identifier checkuser
> DBSource dbi:Oracle:nss
> DBUsername ga
> DBAuth ga
> NoDefault
> AuthSelect select PASSWORD from SUBSCRIBERS_1 where USERNAME=%0
> AuthColumnDef 0,User-Password, check
> </AuthBy>
> </Realm>
> -------------------------
>
>
>
>
> <VirusWall_Message.txt>
NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list