(RADIATOR) Feature Request: <AuthBy IMAPS>

Mike McCauley mikem at open.com.au
Thu Nov 11 01:21:16 CST 2004 

Hi Charly,

On Thursday 11 November 2004 16:49, Karl Gaissmaier wrote:
> Hi Mike,
>
> Mike McCauley schrieb:
>
> ...
>
> > You are right: it is usually best not to override handle_request. The
> > method you suggest is quite good. I find that for methods that do remote
> > verification of plaintext passwords, it is even better to make findUser
> > return a dummy empty user, and implement check_plain_password. It will
> > then work with PAP and EAP_TTLS_PAP.
>
> that's why I asked you. I didn't dig already so deep
> in the code to recognize the side effects with EAP.
>
> More questions:
> ===============
> What should findUser() return if the login was unsuccesful
> in order to work properly with EAP?

In this model, findUser always succeds (it doesnt actually do any 
authentication testing).

sub findUser
{
    return Radius::User->new();
}

AuthLSA.pm shows a typical use of this strategy.

>
> What about side effects to set 'NoDefault' in
> initilaize, since this can no longer be overridden
> by the user?
>
> Would it be better to set DefaultLimit to 0 and
> document this parameter to enable the user to
> override this value?
It would be better to set NoDefault, unless you really want to support DEFAULT 
users in your IMAP database.

>
> Sorry for so many questions.

No problem.
Cheers.

>
> Best Regards
> 	Charly

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia   http://www.open.com.au
Phone +61 7 5598-7474                       Fax   +61 7 5598-7070

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS etc.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list