Hi Stefan,
Can you explain what you're trying to do? Use something other than PEAP or
TTLS with MS-CHAPv2?
Josh.
On 16/07/2013 16:34, "Stefan Paetow" <[log in to unmask]> wrote:
>So far, we've made Moonshot work with the standard RADIUS setup, i.e.
>using the users file with the Cleartext-Password option.
>
>However, we're now running into trouble whilst attempting to plumb in
>alternatives. Does the Moonshot mechanism ever provide the User-Password
>attribute over RADIUS?
>
>I can make Moonshot authenticate with PEAP (and MS-CHAPv2), but then I
>can't get a Chargeable-User-Identity back (the CUI is returned in the
>Access-Challenge packet, not the Access-Accept one, so that needs to be
>tweaked).
>
>However, I can't make Moonshot authenticate with EAP-TTLS (with EAP-MD5
>as the inner, as per documentation) because the Cleartext-Password
>attribute does not exist. Neither can I use PAP as the inner
>authentication protocol because FreeRADIUS does not support setting the
>default_eap_type to PAP (or is there a trick I'm missing?)
>
>So... is there anything that we can do short of having to store passwords
>in clear-text?
>
>Regards
>
>Stefan Paetow
>Software Engineer
>+44 1235 778812
>Diamond Light Source Ltd.
>Diamond House, Harwell Science and Innovation Campus
>Didcot, Oxfordshire, OX11 0DE
>
>
>
>
>--
>This e-mail and any attachments may contain confidential, copyright and
>or privileged material, and are for the use of the intended addressee
>only. If you are not the intended addressee or an authorised recipient of
>the addressee please notify us of receipt by returning the e-mail and do
>not use, copy, retain, distribute or disclose the information in or
>attached to the e-mail.
>Any opinions expressed within this e-mail are those of the individual and
>not necessarily of Diamond Light Source Ltd.
>Diamond Light Source Ltd. cannot guarantee that this e-mail or any
>attachments are free from viruses and we cannot accept liability for any
>damage which you may sustain as a result of software viruses which may be
>transmitted in or with the message.
>Diamond Light Source Limited (company no. 4375679). Registered in England
>and Wales with its registered office at Diamond House, Harwell Science
>and Innovation Campus, Didcot, Oxfordshire, OX11 0DE, United Kingdom
>
Janet(UK) is a trading name of Jisc Collections and Janet Limited, a
not-for-profit company which is registered in England under No. 2881024
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238
|