(RADIATOR) User Login Problem Radiator

Hugh Irvine hugh at open.com.au
Thu Oct 16 15:54:01 CDT 2003


Hello Chanaka -

I suspect your problem is due to a mismatch in the shared secrets, or 
the SQL table definitions.

When you send a request from "radpwtst" the source IP address will be 
the address of the host on which it is run. You will need a Client 
clause on the target Radiator host to match with the correct shared 
secret.

 From the debug it appears you are running "radpwtst" on this host: 
172.25.40.38 so you will need a Client clause for it with a secret of 
"cisco" if you want it to match what you show below.

BTW - the problem may also be due to your database table definition if 
it is returning a padded string. You should be using "varchar" for the 
column definitions. Please take a look at the example table definitions 
in "goodies/ansiCreate.sql".

regards

Hugh


On Thursday, Oct 16, 2003, at 21:15 Australia/Melbourne, Chanaka Mendis 
wrote:

>
> We have been using radius for last two years with LDAP authentication.
> Now We need to transfer our users to ORACLE database.
> Here is a subscriber table details.
> But If I use radpwtst as follows user get rejected with "Bad Password"
>
> Pls Advise on this. I have already spent a week on this.
>
> -=---------------------------------------------------
> perl /radius/Radiator/bin/radpwtst -s 192.5.4.8 -secret cisco -user
> test2 -password t
> perl /radius/Radiator/bin/radpwtst -s 172.25.40.38 -secret cisco -user
> mikem -password fred
> -------------------------------------------------
>
> ------------------------
> SQL> desc SUBSCRIBERS_1
>  Name                                      Null?    Type
>  ----------------------------------------- -------- 
> --------------------
> --------
>  USERNAME                                  NOT NULL CHAR(50)
>  PASSWORD                                           CHAR(50)
>  ENCRYPTEDPASSWORD                                  CHAR(50)
>  CHECKATTR                                          CHAR(200)
>  REPLYATTR                                          CHAR(200)
>  TIMELEFT                                           NUMBER(38)
>
> ----------------------------------------------------------------
> SOme sql statments
>
> SQL> select PASSWORD from SUBSCRIBERS_1 where USERNAME='mikem';
> PASSWORD
> --------------------------------------------------
> fred
> SQL> select PASSWORD from SUBSCRIBERS_1 where USERNAME='test2';
> PASSWORD
> --------------------------------------------------
> t
>
> SQL>
>
>
> Here is a part of my my config file.
> ------------------------------
> <Realm>
>         <AuthBy SQL>
>         Identifier checkuser
>         DBSource dbi:Oracle:nss
>         DBUsername      ga
>         DBAuth          ga
>         NoDefault
>         AuthSelect select PASSWORD from SUBSCRIBERS_1 where USERNAME=%0
>         AuthColumnDef 0,User-Password, check
>         </AuthBy>
> </Realm>
> -------------------------
>
>
>
>
> <VirusWall_Message.txt>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list