(RADIATOR) AuthBy File random errors
Hugh Irvine
hugh at open.com.au
Tue Mar 22 12:08:05 CST 2005
Hello Martijn -
It looks like your users file has at least a few problems.
The first one is the spelling of "User-Password" which _must_ appear
correctly spelled as I have shown.
There may be other problems in the file but without seeing it is
difficult to say.
If you are not getting anything in the accounting file it is probably
because you are not receiving any accounting requests.
regards
Hugh
On 22 Mar 2005, at 17:41, Martijn Balink wrote:
> Hi,
>
> I've been running radiator 3.5 for quite a while now.
> Dial-up requests are handled well by the server (running Windows
> 2000).
> However, an online shop we're affiliated to wants to authenticate our
> students and staff-members through Radius.
> So I've created an extra handler in my cfg file (below the
> dial-up-part. Dialup is filtered out through NAS-address) :
>
> ### STAFF-requests
> <Handler Realm=hesasd.nl>
> # strip the realm from the username
> RewriteUsername s/^([^@]+).*/$1/
> # This one translates all uppercase chars to lowercase
> RewriteUsername tr/[A-Z]/[a-z]/
> <AuthBy FILE>
> Filename d:\Radiator-3.5\usersdb\aselectUsers.txt
> </AuthBy>
> AcctLogFileName d:\Radiator-3.5\log\aselect.detail.%d%m.log
> </handler>
>
> This results for some users in the following error (which users get
> the errors is totally random):
>
> Tue Mar 22 14:04:01 2005: DEBUG: Packet dump:
> *** Received from 145.28.72.97 port 3516 ....
> Code: Access-Request
> Identifier: 49
> Authentic: \b<215>}<194>Gq<214>t{[<197><169>C<187><222>
> Attributes:
> User-Name = "scf at hesasd.nl"
> User-Password = "
> <205><27><142>J<128><19><156><206><188>*<21>2O<24><244>"
>
> Tue Mar 22 14:04:01 2005: DEBUG: Handling request with Handler
> 'Realm=hesasd.nl'
> Tue Mar 22 14:04:01 2005: DEBUG: Rewrote user name to scf
> Tue Mar 22 14:04:01 2005: DEBUG: Rewrote user name to scf
> Tue Mar 22 14:04:01 2005: DEBUG: Deleting session for scf at hesasd.nl,
> 145.28.72.97,
> Tue Mar 22 14:04:01 2005: DEBUG: Handling with Radius::AuthFILE:
> Tue Mar 22 14:04:01 2005: ERR: Attribute number 79 is not defined in
> your dictionary
> Tue Mar 22 14:04:01 2005: DEBUG: Radius::AuthFILE looks for match with
> scf
> Tue Mar 22 14:04:02 2005: DEBUG: Radius::AuthFILE REJECT: Check item
> user-password expression '<password>' does not match '' in request
> Tue Mar 22 14:04:02 2005: INFO: Access rejected for scf: Check item
> user-password expression '<password>' does not match '' in request
> Tue Mar 22 14:04:02 2005: DEBUG: Packet dump:
> *** Sending to 145.28.72.97 port 3516 ...
> Code: Access-Reject
> Identifier: 49
> Authentic: \b<215>}<194>Gq<214>t{[<197><169>C<187><222>
> Attributes:
> Reply-Message = "Request Denied"
> The <password> items contain the user's password, I thought it safe to
> remove that from my email ;-)
>
> When I move the user "scf" to the top of the userfile
> (aselectUsers.txt), authentication works fine. I've replaced the
> Active Perl software (I was running 5.8.0) with version 5.6.1 (5.8.0
> appeared to be buggy, according to the installation documents), but
> this didn't change a thing.
> Is there anybody who has a solution for this problem?
> By the way (maybe this has something to do with it, maybe it
> doesn't), the logging statement (AcctLogFileName
> d:\Radiator-3.5\log\aselect.detail.%d%m.log) does not produce any
> output at all, not even an empty log-file...
>
> I hope anyone can help me out in this.
>
> Thanks in advance,
>
> Martijn Balink
> Network Administrator
> Amsterdam School of Business.
>
NB: I am travelling this week, so there may be delays in our
correspondence.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list