Re: [RADIATOR] two factor authentication

2012-02-01 Thread Heikki Vatiainen
On 02/01/2012 04:01 PM, Alexander Hartmaier wrote: > should I use an AuthHook within the AuthBy INTERNAL? > Documentation for the list of passed parameters for the hooks would be > nice so you don't have to look in the source code, if you're a Perl > developer :) The hook parameters for INTERNA

Re: [RADIATOR] two factor authentication

2012-02-01 Thread Alexander Hartmaier
Hi Hugh, should I use an AuthHook within the AuthBy INTERNAL? Documentation for the list of passed parameters for the hooks would be nice so you don't have to look in the source code, if you're a Perl developer :) That's what replaced the AuthBy HANDLER: DefaultResult ACCEPT

Re: [RADIATOR] two factor authentication

2012-01-18 Thread Hugh Irvine
Hello Alex - You can use an AuthBy INTERNAL between the other two clauses. See section 5.50 in the Radiator 4.9 reference manual ("doc/ref.pdf"). regards Hugh On 18 Jan 2012, at 21:16, Alexander Hartmaier wrote: > Hi Heikki and Mike, > I'm already using AuthBy OTP with my own ChallengeHook.

Re: [RADIATOR] two factor authentication

2012-01-18 Thread Alexander Hartmaier
Hi Heikki and Mike, I'm already using AuthBy OTP with my own ChallengeHook. I've read RFC2865 yesterday but missed the State attribute, thanks for the great pointer! Thats the working config I came up with: Identifier tsa-otp-client-vpn Filename %L/tsa-otp-client-vpn.authlog LogS

Re: [RADIATOR] two factor authentication

2012-01-17 Thread Heikki Vatiainen
On 01/17/2012 10:12 PM, Mike McCauley wrote: > I wonder if he should also look at AuthBy OTP? Good point. If not directly applicable, there might be good ideas how to utilise e.g. Radiator's context framework. -- Heikki Vatiainen Radiator: the most portable, flexible and configurable RADIUS

Re: [RADIATOR] two factor authentication

2012-01-17 Thread Mike McCauley
Hi Heikki, I wonder if he should also look at AuthBy OTP? Cheers. On Tuesday, January 17, 2012 09:39:27 PM Heikki Vatiainen wrote: > On 01/17/2012 08:13 PM, Alexander Hartmaier wrote: > > Hello Alexander, > > > I'm trying to implement a two factor auth where the user has to enter > > his Activ

Re: [RADIATOR] two factor authentication

2012-01-17 Thread Heikki Vatiainen
On 01/17/2012 08:13 PM, Alexander Hartmaier wrote: Hello Alexander, > I'm trying to implement a two factor auth where the user has to enter > his Active Directory credentials. > Radiator checks those against the AD, if successful creates an OTP and > sends that to the mobile phone number fetched

[RADIATOR] two factor authentication

2012-01-17 Thread Alexander Hartmaier
Hi list, I'm trying to implement a two factor auth where the user has to enter his Active Directory credentials. Radiator checks those against the AD, if successful creates an OTP and sends that to the mobile phone number fetched from the AD. A challenge is returned to the NAS. My problem is that I