[Modules] mod_auth_xradius cannot communicate with FreeRadius server
Justin Mitchell
Justin.Mitchell at emp.shentel.com
Tue Jul 21 10:15:33 EDT 2009
Edward,
Thanks for getting back to me so quickly. Below are the answers to your questions.
1. Apache version is 2.2.3
2. As for the error log, I cannot find anywhere in the httpd.conf file that it uses the syntax "valid_user". There is a location (the last line in the conf file) that states "require valid-user" but that is using a hyphen and not an underscore. Is this accurate?
3. I did change my httpd config to display Debug level info in the logs but nothing useful appeared. The only messages pertaining to this issue was the one I posted previously.
Thank you,
Justin Mitchell
Systems Administrator
Shentel Communications Company
540.984.5522
From: Edward Rudd [mailto:urkle at outoforder.cc]
Sent: Tuesday, July 21, 2009 9:54 AM
To: Justin Mitchell
Cc: modules at lists.outoforder.cc
Subject: Re: [Modules] mod_auth_xradius cannot communicate with FreeRadius server
what version of apache httpd are you using?
from the error, it looks like it's not understanding "valid_user" and is treating it as a userID.
Have you run httpd in LogLevel debug?
On Jul 16, 2009, at 8:50 AM, Justin Mitchell wrote:
I am experiencing a problem with the module not sending requests to my radius server. I am getting prompted for a UID and password but after entering valid information the prompt immediately returns a 401 error. Running my radius in debug confirms that the service is never polling the radius server for authentication.
The freeradius server is on the same host as the apache so this is not a networking issue. I am also certain that this is not a radius issue since the service is functioning for other applications. The module is loading properly and the error logs are less than helpful. Apache error log states the following :
access to / failed, reason: verification of user id 'valid_user' not configured
Below is the section of my httpd.conf file that pertains to this module. Can anyone tell me what I have done wrong? I copied the example config from the website as a template so it's a little wordy.
## This Loads mod_auth_xradius into Apache
LoadModule auth_xradius_module modules/mod_auth_xradius.so
## The Cache for mod_auth_xradius must be configured globally.
## If you do not want Authentication Caching, set:
# AuthXRadiusCache none -
## A Local DBM Based Cache (low performance)
# AuthXRadiusCache dbm "conf/auth_xradius_cache"
## Only a Single memcached Server
# AuthXRadiusCache memcache "127.0.0.1"
## Multiple memcached Servers
# AuthXRadiusCache memcache "127.0.0.1 10.0.0.10 10.0.0.11 10.0.0.11:11212"
## Time in Seconds that an entry will be cached.
# AuthXRadiusCacheTimeout 300
<Directory "/var/www/html/">
## All of the directives inside the <Directory> block can be placed
## inside '.htaccess' files.
## This is what the client sees in their Prompt.
AuthName "Private Area"
## Type of authentication to use.
AuthType basic
## Address and the Shared Secret of the RADIUS Server to contact.
AuthXRadiusAddServer "localhost:1812" "valid-secret"
## Multiple Servers can be added in the same context.
# AuthXRadiusAddServer "10.0.0.10:1812" "2secrets"
# AuthXRadiusAddServer "10.0.0.11:1812" "secret1"
## Time in Seconds to wait for replies from the RADIUS Servers
AuthXRadiusTimeout 2
## Number of times to resend a request to a server if no reply is received.
AuthXRadiusRetries 2
## This tells apache that we want a valid user and password.
require valid-user
</Directory>
Thank you,
Justin Mitchell
Systems Administrator
Shentel Communications Company
540.984.5522
_______________________________________________
Modules mailing list
Modules at lists.outoforder.cc<mailto:Modules at lists.outoforder.cc>
http://lists.outoforder.cc/mailman/listinfo/modules
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.outoforder.cc/pipermail/modules/attachments/20090721/6914ff5d/attachment-0001.html
More information about the Modules
mailing list