[RADIATOR] AuthBy SQL
Stefan Riegelnik
sriegelnik at netway.at
Thu May 27 07:38:03 CDT 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
I have a question regarding the authentication by sql -
is it normal that only the first 8 characters of the password are
checked when using AutBy SQL?
<Handler Client-Identifier=localdb>
<AuthBy SQL>
DBSource dbi:Pg:database=userdb;host=a
DBUsername userdb
AuthSelect select vpnattribute,pw2 \
from users where username=%0 \
and accountenabled = 1 \
and vpn = 1 \
and CURRENT_DATE >= accountvalid and CURRENT_DATE <= accountexpiry
AuthColumnDef 0, Class, request
AuthColumnDef 1, User-Password, check
AddToReply Class=%{Class}
</AuthBy>
</Handler>
E.g. the password in the DB ist "12345678", but the user is accepted
even if s/he enters "12345689" - the behaviour does not appear with AuthBy FILE
Radiatoreersions 4.3.1 and 4.6
Thanks,
Stefan
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (Darwin)
iD8DBQFL/merTItIMi1CpmERArJfAJ4zDMy74lUlAIufKGQSo/MGwjLQPQCfZHSN
P8hHM6hwDiE6pKHfE0aVL9s=
=2DHp
-----END PGP SIGNATURE-----
More information about the radiator
mailing list