|
From: | Ryan O'Connell |
Subject: | Re: [Help-gnu-radius] Always authenticating users, but returning IP Address for some |
Date: | Wed, 16 Mar 2005 22:28:24 +0000 |
User-agent: | Mozilla Thunderbird 1.0 (Windows/20041206) |
On 16/03/2005 22:18, Sergey Poznyakoff wrote:
Ryan O'Connell <address@hidden> wrote:I'm trying to set up a RADIUS server to always authenticate users sucessfully, but return additional information (Static IP address) from an SQL database for those that get the correct username andI'd suggest to use some extension mechanism to achieve this. For example: DEFAULT Auth-Type = Accept Service-Type = Framed-User, Exec-Program-Wait = "/path/auth %C{User-Name} %C{User-Password}" The program /path/auth is supposed to check the supplied user credentials and supply any additional attributes if these are correct. In the siplest case it can easily be written in shell.
Hi,I tried that but unfortuntely I can't find a way of passing CHAP-Password information in a useful format for an external program to parse on the command-line.
For the moment, I'm just using a perl script to output the SQL database to a users file, with a DEFAULT Auth-Type=Accept too. The only drawback of this is that if a username is supplied that doesn't match the password, the login is rejected.
I did look at trying to write a patch to allow Fall-Through for failed authenticaiton rather than rejecting the login but that appears to be non-trivial.
[Prev in Thread] | Current Thread | [Next in Thread] |