[RADIATOR] CHAP flow
M P
antmtp at hotmail.com
Wed Nov 23 03:04:57 CST 2011
Hello all,
In CHAP, how does Radiator verifies the password submitted by the end user matches the password in the database? Please correct my understanding on the following process flow:
[1] End user submits the username and password via CHAP.
[2] Upon hitting the Radiator with the CHAP-Password attribute, it will respond with Access-Challenge (exit 3).
[3] Perform challenge-response and decide whether the Radiator will Access-Accept or Access-Reject.
My question is, between items [2] and [3], how does Radiator checks and verifies the password of the username from its database? Isn't it that Radiator should check first its database for the username's password during step [2] or before step [3]?
Please advice as I am confused. I am actually using AuthBy EXTERNAL and executing an external script to check an external API for the user's password.
Thank you in advance.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.open.com.au/pipermail/radiator/attachments/20111123/11150018/attachment.html
More information about the radiator
mailing list