[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-users
Subject: Re: DEFAULT and users file
From: Alan DeKok <aland () deployingradius ! com>
Date: 2007-03-30 7:08:10
Message-ID: 460CB75A.6050605 () deployingradius ! com
[Download RAW message or body]
Erico Augusto wrote:
> Hi,
>
> I'm using EAP-TTLS to supplicant authentication.
>
> to authenticate the users at freeradius, I'm using users file to match
> user's password:
> ....
> user User-Password == "test"
> Reply-Message = "success"
No. Do NOT match the users password. Instead, tell the server what
the correct password is, and it will figure out what to do.
user Cleartext-Password := "test"
...
> Is there a way, using DEFAULT, for example, to return success to all
> users without the necessity to match the User-Password(bypass freeradius
> authentication). What I'm trying to do is authenticate users just at
> post-auth. I'm using some examples from doc directory, but without
> success...
You can't authenticate users at post-auth. And if you're using EAP,
you can't just return "success", because part of EAP involves validating
the password.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic