(RADIATOR) Help Digest authentication!
Jhonny Freire de Oliveira
joliveira at nic.ul.pt
Mon Oct 24 06:40:14 CDT 2005
Hi, I'm trying to authenticate users through Digest on Radiator, this works for AuthBy File:
Mon Oct 24 11:43:40 2005: DEBUG: Packet dump:
*** Received from 194.117.1.222 port 32785 ....
Code: Access-Request
Identifier: 64
Authentic: <209><6>\<156>F^}<200><201>k<199><12><195><220><225>i
Attributes:
User-Name = "teste-nic at ul.pt"
Digest-Attributes = "<10><11>teste-nic"
Digest-Attributes = "<1><7>ul.pt"
Digest-Attributes = "<2>*435cb5b3f40a18f80ab2768637741782fbf9963a"
Digest-Attributes = "<4><11>sip:ul.pt"
Digest-Attributes = "<3><10>REGISTER"
Digest-Attributes = "<5><6>auth"
Digest-Attributes = "<9><10>00000002"
Digest-Attributes = "<8>"244DBC3268FF47EA838341A808EAFF51"
Digest-Response = "9629212ab25ced744ec86db8dacaf248"
Service-Type = SIP
Sip-URI-User = "teste-nic"
NAS-IP-Address = 194.117.1.222
NAS-Port = 5060
Mon Oct 24 11:43:40 2005: DEBUG: Handling request with Handler 'Service-Type=SIP'
Mon Oct 24 11:43:40 2005: DEBUG: Deleting session for teste-nic at ul.pt, 194.117.1.222, 5060
Mon Oct 24 11:43:40 2005: DEBUG: Handling with Radius::AuthFILE:
Mon Oct 24 11:43:40 2005: DEBUG: Radius::AuthFILE looks for match with teste-nic at ul.pt
Mon Oct 24 11:43:40 2005: DEBUG: Radius::AuthFILE ACCEPT:
Mon Oct 24 11:43:40 2005: DEBUG: AuthBy FILE result: ACCEPT,
Mon Oct 24 11:43:40 2005: DEBUG: Access accepted for teste-nic at ul.pt
Mon Oct 24 11:43:40 2005: DEBUG: Packet dump:
*** Sending to 194.117.1.222 port 32785 ....
Code: Access-Accept
Identifier: 64
Authentic: <209><6>\<156>F^}<200><201>k<199><12><195><220><225>i
Attributes:
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-IP-Netmask = 255.255.255.255
Framed-Routing = None
Framed-MTU = 1500
Framed-Compression = Van-Jacobson-TCP-IP
When I try to authenticate with AuthBy NTLM, it doesn't work.
With name re-writing:
Mon Oct 24 12:18:13 2005: DEBUG: Packet dump:
*** Received from 194.117.1.222 port 32787 ....
Code: Access-Request
Identifier: 96
Authentic: F<153><165>h<21><221><136><219><12><19><244><161><152><11><143>{
Attributes:
User-Name = "teste-nic at ul.pt"
Digest-Attributes = "<10><11>teste-nic"
Digest-Attributes = "<1><7>ul.pt"
Digest-Attributes = "<2>*435cba5a9ef5c74f92fcec16304e0ec3e1f74683"
Digest-Attributes = "<4><11>sip:ul.pt"
Digest-Attributes = "<3><10>REGISTER"
Digest-Attributes = "<5><6>auth"
Digest-Attributes = "<9><10>00000032"
Digest-Attributes = "<8>"1A1F8D6067F949D291549F805DB7CC78"
Digest-Response = "f09af4c5d9d371ae39de10f697c8e9a8"
Service-Type = SIP
Sip-URI-User = "teste-nic"
NAS-IP-Address = 194.117.1.222
NAS-Port = 5060
Mon Oct 24 12:18:13 2005: DEBUG: Handling request with Handler 'Realm = /ul\.pt/i'
Mon Oct 24 12:18:13 2005: DEBUG: Rewrote user name to ul.pt\teste-nic
Mon Oct 24 12:18:13 2005: DEBUG: Deleting session for teste-nic at ul.pt, 194.117.1.222, 5060
Mon Oct 24 12:18:13 2005: DEBUG: Handling with Radius::AuthNTLM:
Mon Oct 24 12:18:13 2005: DEBUG: Radius::AuthNTLM looks for match with ul.pt\teste-nic
Mon Oct 24 12:18:13 2005: DEBUG: Radius::AuthNTLM REJECT: AuthBy NTLM Password check failed
Mon Oct 24 12:18:13 2005: DEBUG: AuthBy NTLM result: REJECT, AuthBy NTLM Password check failed
Mon Oct 24 12:18:13 2005: INFO: Access rejected for ul.pt\teste-nic: AuthBy NTLM Password check failed
Mon Oct 24 12:18:13 2005: DEBUG: Packet dump:
*** Sending to 194.117.1.222 port 32787 ....
Code: Access-Reject
Identifier: 96
Authentic: F<153><165>h<21><221><136><219><12><19><244><161><152><11><143>{
Attributes:
Reply-Message = "Request Denied"
Without name re-writing:
Mon Oct 24 12:38:17 2005: DEBUG: Packet dump:
*** Received from 194.117.1.222 port 32787 ....
Code: Access-Request
Identifier: 110
Authentic: <156><20><138>f(X u<191><22>b<231><252><22><157><24>
Attributes:
User-Name = "teste-nic at ul.pt"
Digest-Attributes = "<10><11>teste-nic"
Digest-Attributes = "<1><7>ul.pt"
Digest-Attributes = "<2>*435cbd2ff6470d5eced2803bf07d707e93236080"
Digest-Attributes = "<4><11>sip:ul.pt"
Digest-Attributes = "<3><10>REGISTER"
Digest-Attributes = "<5><6>auth"
Digest-Attributes = "<9><10>00000002"
Digest-Attributes = "<8>"65C440E8290A4FFABA3D62E678053603"
Digest-Response = "8e571d9675616025d77823c2797119f8"
Service-Type = SIP
Sip-URI-User = "teste-nic"
NAS-IP-Address = 194.117.1.222
NAS-Port = 5060
Mon Oct 24 12:38:18 2005: DEBUG: Handling request with Handler 'Realm = /ul\.pt/i'
Mon Oct 24 12:38:18 2005: DEBUG: Deleting session for teste-nic at ul.pt, 194.117.1.222, 5060
Mon Oct 24 12:38:18 2005: DEBUG: Handling with Radius::AuthNTLM:
Mon Oct 24 12:38:18 2005: DEBUG: Radius::AuthNTLM looks for match with teste-nic at ul.pt
Mon Oct 24 12:38:18 2005: DEBUG: Radius::AuthNTLM REJECT: AuthBy NTLM Password check failed
Mon Oct 24 12:38:18 2005: DEBUG: AuthBy NTLM result: REJECT, AuthBy NTLM Password check failed
Mon Oct 24 12:38:18 2005: INFO: Access rejected for teste-nic at ul.pt: AuthBy NTLM Password check failed
Mon Oct 24 12:38:18 2005: DEBUG: Packet dump:
*** Sending to 194.117.1.222 port 32787 ....
Code: Access-Reject
Identifier: 110
Authentic: <156><20><138>f(X u<191><22>b<231><252><22><157><24>
Attributes:
Reply-Message = "Request Denied"
My conf is this:
#Para autenticar os utilizadores na AD
<Handler Realm = /ul\.pt/i>
# remover o realm ao nome
# RewriteUsername s/^([^@]+).*/$1/
# re-escreve na forma DOMAIN\user
# RewriteUsername s/(.*)@(.*)/$2\\$1/
<AuthBy NTLM>
</AuthBy>
AcctLogFileName %L/ser-%R-%m-%Y.detail
</Handler>
What can I do to make it work?
Regards,
--
____________________________________________________________________
Jhonny Freire Oliveira Núcleo de Informática e Comunicações da UL
joliveira at nic.ul.pt Reitoria da UL, Alameda da Universidade
Tel: +351 210113447 Campo Grande - 1649-004 Lisboa, Portugal
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20051024/fcd71117/attachment.html>
More information about the radiator
mailing list