Hi list, I'm trying to implement a two factor auth where the user has to enter his Active Directory credentials. Radiator checks those against the AD, if successful creates an OTP and sends that to the mobile phone number fetched from the AD. A challenge is returned to the NAS. My problem is that I can't distinguish the initial request and the challenge response which should skip the AD auth because this time the password field holds the OTP response.
By looking at the radius packets with tcpdump I couldn't find a difference in the radius attributes sent that let me write two different handlers. Ideas? -- Best regards, Alexander Hartmaier *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"* T-Systems Austria GesmbH Rennweg 97-99, 1030 Wien Handelsgericht Wien, FN 79340b *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"* Notice: This e-mail contains information that is confidential and may be privileged. If you are not the intended recipient, please notify the sender and then delete this e-mail immediately. *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"* _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
