[Modules] mod_auth_xradius cannot communicate with FreeRadius server

Edward Rudd urkle at outoforder.cc
Tue Jul 21 11:01:08 EDT 2009


ok..

since you are running apache 2.2 you need to specify the  
AuthBasicProvider to specify which auth modules you are going to check  
against for the area.

So add this

AuthBasicProvider xradius

to the directory section below "AuthType basic" and see if that fixes  
things.


On Jul 21, 2009, at 10:15 AM, Justin Mitchell wrote:

> Edward,
>   Thanks for getting back to me so quickly.  Below are the answers  
> to your questions.
>
>
> 1.       Apache version is 2.2.3
> 2.       As for the error log, I cannot find anywhere in the  
> httpd.conf file that it uses the syntax “valid_user”.  There is a  
> location (the last line in the conf file) that states “require valid- 
> user” but that is using a hyphen and not an underscore.  Is this  
> accurate?
> 3.       I did change my httpd config to display Debug level info in  
> the logs but nothing useful appeared.  The only messages pertaining  
> to this issue was the one I posted previously.
>
>
>
> Thank you,
>
> Justin Mitchell
> Systems Administrator
> Shentel Communications Company
> 540.984.5522
>
> From: Edward Rudd [mailto:urkle at outoforder.cc]
> Sent: Tuesday, July 21, 2009 9:54 AM
> To: Justin Mitchell
> Cc: modules at lists.outoforder.cc
> Subject: Re: [Modules] mod_auth_xradius cannot communicate with  
> FreeRadius server
>
> what version of apache httpd are you using?
> from the error, it looks like it's not understanding "valid_user"  
> and is treating it as a userID.
> Have you run httpd in LogLevel debug?
>
>
>
> On Jul 16, 2009, at 8:50 AM, Justin Mitchell wrote:
>
>
>   I am experiencing a problem with the module not sending requests  
> to my radius server.  I am getting prompted for a UID and password  
> but after entering valid information the prompt immediately returns  
> a 401 error.  Running my radius in debug confirms that the service  
> is never polling the radius server for authentication.
>   The freeradius server is on the same host as the apache so this is  
> not a networking issue.  I am also certain that this is not a radius  
> issue since the service is functioning for other applications.  The  
> module is loading properly and the error logs are less than  
> helpful.  Apache error log states the following :
>
> access to / failed, reason: verification of user id 'valid_user' not  
> configured
>
>   Below is the section of my httpd.conf file that pertains to this  
> module.  Can anyone tell me what I have done wrong?  I copied the  
> example config from the website as a template so it’s a little wordy.
>
>                 ## This Loads mod_auth_xradius into Apache
> LoadModule auth_xradius_module modules/mod_auth_xradius.so
>
>     ## The Cache for mod_auth_xradius must be configured globally.
>     ## If you do not want Authentication Caching, set:
>     # AuthXRadiusCache none -
>
>     ## A Local DBM Based Cache (low performance)
>     # AuthXRadiusCache dbm "conf/auth_xradius_cache"
>
>     ## Only a Single memcached Server
>     # AuthXRadiusCache memcache "127.0.0.1"
>     ## Multiple memcached Servers
>    # AuthXRadiusCache memcache "127.0.0.1 10.0.0.10 10.0.0.11  
> 10.0.0.11:11212"
>
>     ## Time in Seconds that an entry will be cached.
>   #  AuthXRadiusCacheTimeout 300
>
>     <Directory "/var/www/html/">
>         ## All of the directives inside the <Directory> block can be  
> placed
>         ## inside '.htaccess' files.
>
>         ## This is what the client sees in their Prompt.
>         AuthName "Private Area"
>
>         ## Type of authentication to use.
>         AuthType basic
>
>         ## Address and the Shared Secret of the RADIUS Server to  
> contact.
>         AuthXRadiusAddServer "localhost:1812" "valid-secret"
>         ## Multiple Servers can be added in the same context.
>         # AuthXRadiusAddServer "10.0.0.10:1812" "2secrets"
>         # AuthXRadiusAddServer "10.0.0.11:1812" "secret1"
>
>         ## Time in Seconds to wait for replies from the RADIUS Servers
>         AuthXRadiusTimeout 2
>
> ## Number of times to resend a request to a server if no reply is  
> received.
>         AuthXRadiusRetries 2
>
>         ## This tells apache that we want a valid user and password.
>         require valid-user
>     </Directory>
>
>
>
> Thank you,
>
> Justin Mitchell
> Systems Administrator
> Shentel Communications Company
> 540.984.5522
>
> _______________________________________________
> Modules mailing list
> Modules at lists.outoforder.cc
> http://lists.outoforder.cc/mailman/listinfo/modules
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.outoforder.cc/pipermail/modules/attachments/20090721/982fcf13/attachment-0001.html 


More information about the Modules mailing list