Re: (RADIATOR) Problems with AuthSQL and DEFAULT username

Darwin A. Bawasanta Tue, 03 Oct 2000 03:49:04 -0700
Hi, how about using ContinueUntilReject on your AuthByPolicy, can it
perhaps help?  or how about adding replies to all users like:

                 AuthSelect select PASSWORD, CHECKATTR, REPLYATTR \
                            from SUBSCRIBERS where USERNAME = '%n'
                 AddToReplyIfNotExist
Service-Type=Framed-User,PoolHint=Public

then you wont be needing your second AuthBySQL anymore.


Gildas PERROT wrote:
> 
> Hi,
> 
> I defined a DEFAULT username in order to defined default Reply items for all
> users.
> Here are configuration lines for that :
> 
> <Handler>
>         SessionDatabase  SDBSQL
>         AuthByPolicy ContinueWhileAccept
>         <AuthBy SQL>
>                 DBSource dbi:mysql:radius
>                 DBUsername radiator
>                 DBAuth ra1diator
>                 AuthSelect select PASSWORD, CHECKATTR, REPLYATTR \
>                         from SUBSCRIBERS where USERNAME = '%n'
>         </AuthBy>
>         <AuthBy SQL>
>                 DBSource dbi:mysql:radius
>                 DBUsername radiator
>                 DBAuth ra1diator
>                 AuthSelect select NULL, CHECKATTR, REPLYATTR from
> SUBSCRIBERS where USERNAME = 'DEFAULT'
> ....
> 
> In the SUBSCRIBERS, I have :
> 
> | fluxus    | *******  | NULL              |           | PoolHint=Fluxus
> | Fluxus    |
> | DEFAULT   | NULL     | NULL              | NULL      | Service-Type =
> Framed-User,PoolHint=Public | NULL      |
> 
> However, I have a bad behaviour with that configuration : even if I have a
> bad password with 'fluxus' user, the Access request is accepted as you can
> see below :
> 
> Tue Oct  3 10:55:13 2000: DEBUG: Packet dump:
> *** Received from 10.69.1.1 port 1645 ....
> Code:       Access-Request
> Identifier: 7
> Authentic:  <133><24>y<1> !r,<192>F<129><134>*<16><250><216>
> Attributes:
>         NAS-IP-Address = 10.69.1.1
>         NAS-Port = 2
>         NAS-Port-Type = Async
>         User-Name = "Fluxus"
>         Called-Station-Id = "6640"
>         Calling-Station-Id = "672085196"
>         CHAP-Password =
> "<2>0<127><184><200>W<175><255><204><25>@^<210><181><245><1>"
>         Service-Type = Framed-User
>         Framed-Protocol = PPP
> 
> Tue Oct  3 10:55:13 2000: DEBUG: Rewrote user name to fluxus
> Tue Oct  3 10:55:13 2000: DEBUG: Check if Handler  should be used to handle
> this request
> Tue Oct  3 10:55:13 2000: DEBUG: Handling request with Handler ''
> Tue Oct  3 10:55:13 2000: DEBUG: SDBSQL Deleting session for Fluxus,
> 10.69.1.1, 2
> Tue Oct  3 10:55:13 2000: DEBUG: do query is: delete from ONLINE where
> USERNAME='fluxus' and NASPORT=2
> 
> Tue Oct  3 10:55:13 2000: DEBUG: Handling with Radius::AuthSQL
> Tue Oct  3 10:55:13 2000: DEBUG: Handling with Radius::AuthSQL
> Tue Oct  3 10:55:13 2000: DEBUG: Query is: select PASSWORD, CHECKATTR,
> REPLYATTR from SUBSCRIBERS where
> USERNAME = 'fluxus'
> 
> Tue Oct  3 10:55:13 2000: DEBUG: Radius::AuthSQL looks for match with fluxus
> Tue Oct  3 10:55:13 2000: DEBUG: Radius::AuthSQL REJECT: Bad Password
> Tue Oct  3 10:55:13 2000: DEBUG: Query is: select PASSWORD, CHECKATTR,
> REPLYATTR from SUBSCRIBERS where
> USERNAME = 'DEFAULT'
> 
> Tue Oct  3 10:55:13 2000: DEBUG: Radius::AuthSQL looks for match with
> DEFAULT
> Tue Oct  3 10:55:13 2000: DEBUG: Radius::AuthSQL ACCEPT:
> Tue Oct  3 10:55:13 2000: DEBUG: Handling with Radius::AuthSQL
> Tue Oct  3 10:55:13 2000: DEBUG: Handling with Radius::AuthSQL
> Tue Oct  3 10:55:13 2000: DEBUG: Query is: select NULL, CHECKATTR, REPLYATTR
> from SUBSCRIBERS where USER
> NAME = 'DEFAULT'
> 
> Tue Oct  3 10:55:13 2000: DEBUG: Radius::AuthSQL looks for match with fluxus
> Tue Oct  3 10:55:13 2000: DEBUG: Radius::AuthSQL ACCEPT:
> Tue Oct  3 10:55:13 2000: DEBUG: Handling with Radius::AuthDYNADDRESS
> Tue Oct  3 10:55:13 2000: DEBUG: Query is: select YIADDR, SUBNETMASK,
> DNSSERVER from RADPOOL where
> POOL='Public' and STATE=0 order by TIME_STAMP
> 
> How can I solve that problem ?          Thanks in advance for your help.             
>           Gildas.
> 
> ===
> Archive at http://www.starport.net/~radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.

-- 
  __   
OO- `. Darwin A. Bawasanta  [EMAIL PROTECTED] pgp-id: 0x367CADAC
*  ||| Systems Development Manager                 SKYCablenet, Inc.
L_(_/  Ofc: +63 32 253-6677                 Mobile: +63 917 486-5033
  |||==
 ((_|  "If the facts don't fit the theory, change the facts."

===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Problems with AuthSQL and DEFAULT username

Reply via email to
