[Serusers] radius_is_user_in error

Alejandro Hernandez Lara a3hernan at ryerson.ca
Tue Jul 19 02:39:23 CEST 2005 

Hello.
I'm trying SER 0.8.14 with FreeRadius. The radius server and SER are running in the same pc.
I'am able to authenticate using radius but I have problems when I try to check the group mebership.
Help!
Thanks.

FreeRadius log:

  rad_check_password:  Found Auth-Type Digest
auth: type "digest"
modcall: entering group authenticate
A1 = alejandro:sip2.cn.ryerson.ca:cisco1234
A2 = INVITE:sip:94161000 at sip2.cn.ryerson.ca
KD = 53d3b82970bada131a062103f553b8b8:42dc1764b51d79819e7e9f755aab7b639cc2175a:00000017:7DB990955AB8490D85411C0796224362:auth:18227b358ffe96049a3745eeb449fae2 
  modcall[authenticate]: module "digest" returns ok
modcall: group authenticate returns ok
radius_xlat:  'Authenticated'
Login OK: [alejandro at sip2.cn.ryerson.ca/<no User-Password attribute>] (from client proxy port 5060)
Sending Access-Accept of id 145 to 192.168.2.1:32823
        Reply-Message = "Authenticated"
        Sip-Rpid = "1970"
Finished request 6
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.2.1:32823, id=146, length=55
        User-Name = "alejandro"
        Sip-Group = "pstn"
        Service-Type = Group-Check
        NAS-IP-Address = 192.168.2.1
        NAS-Port = 0
modcall: entering group authorize
Invalid operator for item Suffix: reverting to '=='
Invalid operator for item Suffix: reverting to '=='
Invalid operator for item Suffix: reverting to '=='
  modcall[authorize]: module "preprocess" returns ok
  modcall[authorize]: module "chap" returns noop
  rlm_eap: No EAP-Message, not doing EAP
  modcall[authorize]: module "eap" returns noop
  modcall[authorize]: module "digest" returns noop
    rlm_realm: No '@' in User-Name = "alejandro", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop
  modcall[authorize]: module "files" returns notfound
  modcall[authorize]: module "mschap" returns noop
modcall: group authorize returns ok
auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
auth: Failed to validate the user.
Login incorrect: [alejandro/<no User-Password attribute>] (from client proxy port 0)
Delaying request 7 for 1 seconds
Finished request 7

FreeRadius User file.

alejandro at sip2.cn.ryerson.ca Auth-Type := Digest, User-Password == "cisco1234"
        Reply-Message = "Authenticated",
        Sip-Rpid = "1970"

alejandro at sip2.cn.ryerson.ca Auth-Type := Accept
        Reply-Message = "Authorized",
        Sip-Group == "pstn"

 
the SER Config.
.
.
.
.
  if (!radius_www_authorize("")) {
	www_challenge("", "1");
        break;
  }else{
  	if (radius_is_user_in("group", "pstn")){
        	forward(192.168.2.101,5060);
        	break;
        };
  };
.
.
.
.

More information about the sr-users mailing list