Hello,
the algorithm for authentication is www digest (or http digest --
rfc2617). The password has to be stored either plain text or HA1 format
(see the rfc for how to get the HA1). This auth algorithm uses md5 to
compute the response and decide whether auth was successful or not.
Cheers,
Daniel
On 05/30/07 17:15, Jason Ma wrote:
Hi All,
I'm configuring radius support on openser using
radiusclient-ng-0.5.5.1.tar.gz,and the radius server is Lucent AAA
server,everytime openser sent the request to AAA server,the AAA server
could not parse the request,the logs on AAA server is as below.I
noticed that the the server said it was "Unsupported algorithm",and
the algorithm was null,I'm wandering what kind of algorithm does
radiusclient-ng use?MD5 or HA1......... Please help ! Thanks in advance.
~~~~~~~~~~~~~~~~~~~~~~~
2007/05/29 16:51:45.685 <engine.item.setup> Initializing Radius Item:
192.168.1.42:33345->0.0.0.0:1812(77)
0 <engine.item.setup> Using dictionary: draft-sterman-aaa-sip-01
0 <engine.item.setup> Request decode:
User-Name = "21230001(a)192.168.1.42
<mailto:21230001@192.168.1.42>"
Digest-Attributes =
User-Name = "21230001"
Digest-Attributes =
Realm = "192.168.1.42 <http://192.168.1.42>"
Digest-Attributes =
Nonce = "465c49b766fa11f4a9db29977bf16857d3372780"
Digest-Attributes =
URI = "sip:192.168.1.42 <http://192.168.1.42>"
Digest-Attributes =
Method = "REGISTER"
Digest-Response = "689a0f89cd73751f61b12d04f585a224"
Service-Type = IAPP-Register
Anonymous = v0-a208-3231323330303031
NAS-Port = 5060
NAS-IP-Address = 192.168.1.42 <http://192.168.1.42>
0 <engine.item.setup > User-Name parsed: Base-User-Name =
"21230001", User-Realm = "192.168.1.42 <http://192.168.1.42>"
0 <engine.item.setup> Item setup complete
0 <engine.worker.1 > <setup> ==> ReadUserFile.auth:readUserFile
0 <plugin.ReadUserFile.auth:readUserFile> searchValue =
'21230001(a)192.168.1.42 <mailto:21230001@192.168.1.42>'.
0 <plugin.ReadUserFile.auth:readUserFile > Found entry:
21230001(a)192.168.1.42 <mailto:21230001@192.168.1.42>
0 <plugin.ReadUserFile.auth:readUserFile> Check items for found
entry:
User-Password = <hidden>
Auth-Type = Local
0 <plugin.ReadUserFile.auth:readUserFile> Reply items for found
entry:
0 <plugin.ReadUserFile.auth:readUserFile> SUCCESS -- Read User
21230001(a)192.168.1.42 <mailto:21230001@192.168.1.42>
0 <engine.worker.1> ReadUserFile.auth:readUserFile ==>
AuthHttpDigest.auth:checkDigest by SUCCESS -- Read User
21230001(a)192.168.1.42 <mailto:21230001@192.168.1.42>
0 <plugin.AuthHttpDigest.auth:checkDigest > response =
689a0f89cd73751f61b12d04f585a224
0 <plugin.AuthHttpDigest.auth:checkDigest> realm = 192.168.1.42
<http://192.168.1.42>
0 <plugin.AuthHttpDigest.auth:checkDigest> nonce =
465c49b766fa11f4a9db29977bf16857d3372780
0 <plugin.AuthHttpDigest.auth:checkDigest> method = REGISTER
0 <plugin.AuthHttpDigest.auth:checkDigest> uri =
sip:192.168.1.42 <http://192.168.1.42>
0 <plugin.AuthHttpDigest.auth:checkDigest > qop =
0 <plugin.AuthHttpDigest.auth:checkDigest> algorithm =
0 <plugin.AuthHttpDigest.auth:checkDigest> entityBodyHash =
0 <plugin.AuthHttpDigest.auth:checkDigest> cNonce =
0 <plugin.AuthHttpDigest.auth:checkDigest> nonceCount =
0 <plugin.AuthHttpDigest.auth:checkDigest> username = 21230001
0 <plugin.AuthHttpDigest.auth:checkDigest> ERROR -- Error
generating HTTP digest: java.io.IOException: Unsupported algorithm: :
java.io.IOException: Unsupported algorithm:
1 <engine.worker.1> AuthHttpDigest.auth:checkDigest ==>
End-Of-Methods by ERROR -- Error generating HTTP digest:
java.io.IOException: Unsupported algorithm:
1 <engine.worker.1> 21230001(a)192.168.1.42
<mailto:21230001@192.168.1.42> login discarded due to Error generating
HTTP digest: java.io.IOException: Unsupported algorithm:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
------------------------------------------------------------------------
_______________________________________________
Users mailing list
Users(a)openser.org
http://openser.org/cgi-bin/mailman/listinfo/users