[RADIATOR] AuthBy SQL
Hugh Irvine
hugh at open.com.au
Thu May 27 18:39:13 CDT 2010
Hello Stefan -
I am guessing this is due to your database that is only storing 8 characters.
How is your database schema defined?
Can you send me a trace 5 debug showing what is happening? Please include a copy of the database schema and the user entry.
regards
Hugh
On 27 May 2010, at 22:38, Stefan Riegelnik wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi,
>
> I have a question regarding the authentication by sql -
> is it normal that only the first 8 characters of the password are
> checked when using AutBy SQL?
>
> <Handler Client-Identifier=localdb>
> <AuthBy SQL>
> DBSource dbi:Pg:database=userdb;host=a
> DBUsername userdb
> AuthSelect select vpnattribute,pw2 \
> from users where username=%0 \
> and accountenabled = 1 \
> and vpn = 1 \
> and CURRENT_DATE >= accountvalid and CURRENT_DATE <= accountexpiry
> AuthColumnDef 0, Class, request
> AuthColumnDef 1, User-Password, check
> AddToReply Class=%{Class}
> </AuthBy>
> </Handler>
>
> E.g. the password in the DB ist "12345678", but the user is accepted
> even if s/he enters "12345689" - the behaviour does not appear with AuthBy FILE
>
> Radiatoreersions 4.3.1 and 4.6
>
> Thanks,
> Stefan
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (Darwin)
>
> iD8DBQFL/merTItIMi1CpmERArJfAJ4zDMy74lUlAIufKGQSo/MGwjLQPQCfZHSN
> P8hHM6hwDiE6pKHfE0aVL9s=
> =2DHp
> -----END PGP SIGNATURE-----
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
NB:
Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
More information about the radiator
mailing list