[RADIATOR] AuthBy SQL

Hugh Irvine hugh at open.com.au
Thu May 27 18:39:13 CDT 2010


Hello Stefan -

I am guessing this is due to your database that is only storing 8 characters.

How is your database schema defined?

Can you send me a trace 5 debug showing what is happening? Please include a copy of the database schema and the user entry.

regards

Hugh


On 27 May 2010, at 22:38, Stefan Riegelnik wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hi,
> 
> I have a question regarding the authentication by sql - 
> is it normal that only the first 8 characters of the password are
> checked when using AutBy SQL?
> 
> <Handler Client-Identifier=localdb>
> <AuthBy SQL>
> DBSource dbi:Pg:database=userdb;host=a
> DBUsername userdb
> AuthSelect select vpnattribute,pw2  \
> from users where username=%0 \
> and accountenabled = 1 \
> and vpn = 1 \
> and CURRENT_DATE >= accountvalid and CURRENT_DATE <= accountexpiry
> AuthColumnDef 0, Class, request
> AuthColumnDef 1, User-Password, check
> AddToReply Class=%{Class}
> </AuthBy>
> </Handler>
> 
> E.g. the password in the DB ist "12345678", but the user is accepted
> even if s/he enters "12345689" - the behaviour does not appear with AuthBy FILE
> 
> Radiatoreersions 4.3.1 and 4.6
> 
> Thanks,
> Stefan
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (Darwin)
> 
> iD8DBQFL/merTItIMi1CpmERArJfAJ4zDMy74lUlAIufKGQSo/MGwjLQPQCfZHSN
> P8hHM6hwDiE6pKHfE0aVL9s=
> =2DHp
> -----END PGP SIGNATURE-----
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator



NB: 

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets), 
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.





More information about the radiator mailing list