[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Pam and radius



>>> Cristian Gafton wrote
> With RADIUS this is not possible. 
With source, nothing is impossible. :)

Put an extra attribute in the response (just for the sake of argument,
lets say the uid), regardless of the passwd being right or not. Have the 
client pull the response apart - presence of uid == real user.

> to it, or will remain silent otherwise. Thus if you get a read timeout or
> 'deny' you have an authetication failure. 

timeout could also mean 'ask someone else'. The lack of an 'I dont know,
ask someone else' code in radius is a real oversight. It means you have
to wait for a timeout.

Anthony



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []