[RADIATOR] AuthBy SQL Question (mySQL)

Ryan Harden hardenrm at illinois.edu
Thu Feb 11 15:38:15 CST 2010 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

After much struggling I'm unable to get my radiator box to query mySQL.

I'd like to query a mySQL database/table for the existence of a
username. If that username exists, send Access-Reject. (As this is our
blocked user database.) If that user doesn't exist, carry on to the next
AuthBy clause. Below is my config:

<Handler Client-Identifier=JuniperTest>
        <AuthBy SQL>
                DBSource dbi:mysql:backbone:database.server.net:3306
                DBUsername radiator
                DBAuth ************
                AuthSelect select * from blocklist where netid='%n' and
active=1
                NoCheckPassword
                NoDefault
                NoDefaultIfFound
                AuthColumnDef 0, ID, reply
                AuthColumnDef 1, service, reply
                AuthColumnDef 2, netid, reply
                AuthColumnDef 3, active, reply
        </AuthBy>
        <AuthBy FILE>
                Filename %D/users-juniper
        </AuthBy>
        AuthLog juniper
</Handler>

Database Table (blocklist) looks like: (Sorry it wraps)
| id   | service | netid  | active | blockts| releasets | setby   | why
| ticket | liftby | domain   |
| 2328 | VPN   | baduser1 |      1 | 2010-02-11 09:20:42 | NULL      |
security | COPY-2227 Copyright Violation |   2227 | NULL   | NULL |
| 2329 | WIFI    | baduser2 |      1 | 2010-02-11 09:20:43 | NULL      |
security | COPY-2227 Copyright Violation |   2227 | NULL   | NULL |

I'm getting the following in my Radiator Logs:

Thu Feb 11 15:01:46 2010: DEBUG: Handling request with Handler
'Client-Identifier=JuniperTest'

Thu Feb 11 15:01:46 2010: DEBUG:  Deleting session for baduser1,
128.174.43.191,
Thu Feb 11 15:01:46 2010: DEBUG: Handling with Radius::AuthSQL:

Thu Feb 11 15:01:46 2010: DEBUG: Handling with Radius::AuthSQL:

Thu Feb 11 15:01:47 2010: ERR: Could not connect to SQL database with
DBI->connect dbi:mysql:backbone:database.server.net:3306, radiator,
***********:
Thu Feb 11 15:01:47 2010: ERR: Could not connect to any SQL database.
Request is ignored. Backing off for 600 seconds

Thu Feb 11 15:01:47 2010: DEBUG: AuthBy SQL result: IGNORE, User
database access error

I have verified that the permissions are correct in mySQL and have
verified that the 'radiator' user can log in from the radiator server
using the specified password. The logs seems to indicate otherwise
unless that error message means something I'm not understanding.

Does anyone have any advice as to what I'm doing wrong or what I might
try next?

/Ryan

- -- 
Ryan M. Harden, BS, KC9IHX		Office: 217-265-5192
CITES - Network Engineering		Cell:  	217-689-1363
2130 Digital Computer Lab		Fax:    217-244-7089
1304 W. Springfield	 		email:  hardenrm at illinois.edu
Urbana, IL  61801 			

      University of Illinois at Urbana/Champaign - AS38
	   University of Illinois - ICCN - AS40387
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkt0eMUACgkQtuPckBBbXbpQ1wCgiBfBX7ooBrn6kECv1ziTkR1i
hOgAn2/6VbwHEoGmUYFTaYiFpx8AZS7+
=MOQg
-----END PGP SIGNATURE-----

More information about the radiator mailing list