> 1. I'm using a Radius server connected to the production eduroam
> infrastructure and therefore I'm able to verify common eduroam users.
> However, I've found out that I can't obtain identity (i.e. gss name) of
> the users that are authenticated by the other radius servers. I suppose
> it has something to do with outer/inner identities and am wondering if
> it's to be expected. Note that the Anonymous bit in the flags returned
> by gss_accept_sec_context isn't set - only the "displayed" name is "\0".
The anonymous bit should be set if User-Name is not returned by the RADIUS server. Can you step through acceptReadyEap() in mech_eap and see what's going on?
-- Luke
|