(RADIATOR) AuthBy File random errors

Martijn Balink bnk at hesasd.nl
Tue Mar 22 10:41:33 CST 2005


Hi,
 
I've been running radiator 3.5 for quite a while now. 
Dial-up requests are handled well by the server (running Windows 2000). 
However, an online shop we're affiliated to wants to authenticate our
students and staff-members through Radius. 
So I've created an extra handler in my cfg file (below the dial-up-part.
Dialup is filtered out through NAS-address) :

	### STAFF-requests
	<Handler Realm=hesasd.nl>
	 # strip the realm from the username
	 RewriteUsername s/^([^@]+).*/$1/
	 # This one translates all uppercase chars to lowercase
	 RewriteUsername tr/[A-Z]/[a-z]/
	 <AuthBy FILE>
	  Filename  d:\Radiator-3.5\usersdb\aselectUsers.txt
	 </AuthBy>
	 AcctLogFileName d:\Radiator-3.5\log\aselect.detail.%d%m.log
	</handler>

 
This results for some users in the following error (which users get the
errors is totally random): 

	Tue Mar 22 14:04:01 2005: DEBUG: Packet dump:
	*** Received from 145.28.72.97 port 3516 ....
	Code:       Access-Request
	Identifier: 49
	Authentic:  \b<215>}<194>Gq<214>t{[<197><169>C<187><222>
	Attributes:
	 User-Name = "scf at hesasd.nl <mailto:scf at hesasd.nl> "
	 User-Password = "
<205><27><142>J<128><19><156><206><188>*<21>2O<24><244>"
	 
	Tue Mar 22 14:04:01 2005: DEBUG: Handling request with Handler
'Realm=hesasd.nl'
	Tue Mar 22 14:04:01 2005: DEBUG: Rewrote user name to scf
	Tue Mar 22 14:04:01 2005: DEBUG: Rewrote user name to scf
	Tue Mar 22 14:04:01 2005: DEBUG:  Deleting session for
scf at hesasd.nl <mailto:scf at hesasd.nl> , 145.28.72.97, 
	Tue Mar 22 14:04:01 2005: DEBUG: Handling with Radius::AuthFILE:

	Tue Mar 22 14:04:01 2005: ERR: Attribute number 79 is not
defined in your dictionary
	Tue Mar 22 14:04:01 2005: DEBUG: Radius::AuthFILE looks for
match with scf
	Tue Mar 22 14:04:02 2005: DEBUG: Radius::AuthFILE REJECT: Check
item user-password expression '<password>' does not match '' in request
	Tue Mar 22 14:04:02 2005: INFO: Access rejected for scf: Check
item user-password expression '<password>' does not match '' in request
	Tue Mar 22 14:04:02 2005: DEBUG: Packet dump:
	*** Sending to 145.28.72.97 port 3516 ....
	Code:       Access-Reject
	Identifier: 49
	Authentic:  \b<215>}<194>Gq<214>t{[<197><169>C<187><222>
	Attributes:
	 Reply-Message = "Request Denied"

The <password> items contain the user's password, I thought it safe to
remove that from my email ;-)
 
When I move the user "scf" to the top of the userfile
(aselectUsers.txt), authentication works fine. I've replaced the Active
Perl software (I was running 5.8.0) with version 5.6.1 (5.8.0 appeared
to be buggy, according to the installation documents), but this didn't
change a thing. 
Is there anybody who has a solution for this problem? 
By the way (maybe this has something to do with it, maybe it doesn't),
the logging statement (AcctLogFileName
d:\Radiator-3.5\log\aselect.detail.%d%m.log) does not produce any output
at all, not even an empty log-file...
 
I hope anyone can help me out in this.
 
Thanks in advance,
 
Martijn Balink
Network Administrator
Amsterdam School of Business. 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20050322/78031050/attachment.html>


More information about the radiator mailing list