Hi, On Fri, Aug 22, 2014 at 01:09:42AM +0300, Heikki Vatiainen wrote: > On 08/21/2014 01:36 AM, Klara Mall wrote: > > But anyway this was the reason why I wanted the > > RewriteFunction to be applicable in AuthBy NTLM. I don't know with > > which auth methods one could have similar difficuties to use > > RewriteFunction in the handler. Where one can use it in the handler > > there is IMHO no need to use it in AuthBy. > > The additional twist here is that the value of 'LANMAN-Challenge' passed > to ntlm_auth depends on the original username and is calculated by > AuthBY NTLM. The username actually comes over the tunnel twice: as the > inner EAP identity and as a part of a MSCHAPv2 message.
I'm not sure, if I got this. In my patch $challenge is set/calculated before $user is changed by the RewriteFunction. But I put the RewriteFunction at the same position as the UsernameMatchesWithoutRealm rewriting. So I thought this is okay. Isn't it? > The patch you sent is not in yet, but I thought I'd let you know your > input has been most useful. It's good to hear about the different > requirements there are. Thanks for letting me know. I hope that someday it's in. :) Regards Klara _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
