(RADIATOR) User can login successfully even with wrong password

ScottXiao scottxiao at antlabs.com
Fri Oct 29 00:09:42 CDT 2004


Hello Mike,
As you mentioned, here is the debug file and the configuration of the authentication part. It seems it only checks if the user name exists and timeleft > 0 and then lets the user get in, even if the password is wrong. What do I need to modify to resolve this problem? Thanks!!
Scott



Fri Oct 29 12:48:48 2004: DEBUG: Packet dump:
*** Received from 219.238.x.y port 27163 ....
Code:       Access-Request
Identifier: 118
Authentic:  <201>42)3<134>0N;CW<9>}<196><237>w
Attributes:
        User-Name = "kt"
        User-Password = "|r{<148><145><8><142>"#G<223><174>|&<244><220>"
        NAS-IP-Address = 219.238.255.85
        NAS-Port = 0
        Service-Type = Authenticate-Only
        Framed-IP-Address = 192.168.123.7
        Calling-Station-Id = "00:0C:F1:07:27:DD"
        NAS-Identifier = "Ezxcess108"
        NAS-Port-Type = Virtual

Fri Oct 29 12:48:48 2004: DEBUG: Handling request with Handler ''
Fri Oct 29 12:48:48 2004: DEBUG:  Deleting session for kt, 219.238.x.y, 0
Fri Oct 29 12:48:48 2004: DEBUG: Handling with Radius::AuthSQL
Fri Oct 29 12:48:48 2004: DEBUG: Handling with Radius::AuthSQL:
Fri Oct 29 12:48:48 2004: DEBUG: Query is: 'select TIMELEFT from SUBSCRIBERS where USERNAME='kt' and TIMELEFT > 0':

Fri Oct 29 12:48:48 2004: DEBUG: Radius::AuthSQL looks for match with kt
Fri Oct 29 12:48:48 2004: DEBUG: Radius::AuthSQL ACCEPT:
Fri Oct 29 12:48:48 2004: DEBUG: Access accepted for kt
Fri Oct 29 12:48:48 2004: DEBUG: Packet dump:
*** Sending to 219.238.255.85 port 27163 ....
Code:       Access-Accept
Identifier: 118
Authentic:  <201>42)3<134>0N;CW<9>}<196><237>w
Attributes:
        Session-Timeout = 124586

Fri Oct 29 12:48:48 2004: DEBUG: Packet dump:




# Adjust DBSource, DBUsername, DBAuth to suit your DB
#       DBSource        dbi:mysql:radius
#       DBUsername      mikem
#       DBAuth          fred

        # Only one session per user at a time
        DefaultSimultaneousUse 1
        # Let the user in if they have any time left, set
        # the Session-timeout to the time left
        AuthSelect select PASSWORD, TIMELEFT from SUBSCRIBERS where USERNAME=%0 and TIMELEFT > 0
        AuthColumnDef   0,User-Password,check
        AuthColumnDef   1,Session-Timeout,reply

        # Adjust the time left when they log out
        AccountingStopsOnly
        AcctSQLStatement update SUBSCRIBERS set TIMELEFT=TIMELEFT-0%{Acct-Session-Time} where USERNAME='%n'


    </AuthBy>
  #<AuthBy FILE>


Best regards, 
  
ScottXiao
scottxiao at antlabs.com
2004-10-29


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
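
The query in the debug log above selects only TIMELEFT, while the posted AuthSelect selects PASSWORD, TIMELEFT. The following check is an added example, not part of the original post or of Radiator: it compares each logged query with the configured AuthSelect and reports every `check` column the running query never fetched. The function names are hypothetical and the parsing assumes simple `select a, b from ...` statements.

```python
import re

# Sample input copied from the post above (the wrapped query line is rejoined).
DEBUG_LOG = """\
Fri Oct 29 12:48:48 2004: DEBUG: Handling with Radius::AuthSQL:
Fri Oct 29 12:48:48 2004: DEBUG: Query is: 'select TIMELEFT from SUBSCRIBERS where USERNAME='kt' and TIMELEFT > 0':
Fri Oct 29 12:48:48 2004: DEBUG: Radius::AuthSQL ACCEPT:
"""
CONFIG = """\
AuthSelect select PASSWORD, TIMELEFT from SUBSCRIBERS where USERNAME=%0 and TIMELEFT > 0
AuthColumnDef   0,User-Password,check
AuthColumnDef   1,Session-Timeout,reply
"""

def select_columns(sql):
    """Upper-cased column list of a simple 'select a, b from ...' statement."""
    m = re.match(r"\s*select\s+(.*?)\s+from\s", sql, re.I | re.S)
    return [c.strip().upper() for c in m.group(1).split(",")] if m else []

def logged_queries(log):
    """SQL text of every 'Query is:' debug line."""
    return re.findall(r"Query is: '(.*)':\s*$", log, re.M)

def parse_config(cfg):
    """Return (AuthSelect columns, {column index: (attribute, type)})."""
    cols, defs = [], {}
    for line in cfg.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) < 2 or parts[0].startswith("#"):
            continue
        if parts[0] == "AuthSelect":
            cols = select_columns(parts[1])
        elif parts[0] == "AuthColumnDef":
            idx, attr, kind = [f.strip() for f in parts[1].split(",")][:3]
            defs[int(idx)] = (attr, kind.lower())
    return cols, defs

def audit(log, cfg):
    """List (attribute, configured column, logged columns) for each check
    item whose column is missing from a query the server actually ran."""
    cols, defs = parse_config(cfg)
    findings = []
    for sql in logged_queries(log):
        seen = select_columns(sql)
        for idx, (attr, kind) in sorted(defs.items()):
            if kind == "check" and (idx >= len(cols) or cols[idx] not in seen):
                findings.append((attr, cols[idx] if idx < len(cols) else None, seen))
    return findings

if __name__ == "__main__":
    for attr, col, seen in audit(DEBUG_LOG, CONFIG):
        print(f"{attr}: configured column {col} not in logged query {seen}")
```

A non-empty result means the running server executed a different query than the configuration being inspected, so that file's `check` definitions were not what decided the request.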

