Subject: Re: [SR-Users] n00b question -- RADIUS authentication. Date: Mon, May 05, 2014 at 12:09:54PM +0200 Quoting Daniel-Constantin Mierla (miconda@gmail.com):
Hello,
you should just use www_challenge() to send back the 401 response.
Here is a old tutorial, from the time when the project was named openser, but could be a good reading anyhow:
The authentication part is pretty much the same.
And the error too -- exactly the same symptoms are produced.
I also tried with another setup;
if (is_method("REGISTER") ) { # authenticate requests xlog("L_INFO", "authenticate [$fd]\n"); ### RADIUS ### if(!radius_proxy_authorize("$fd")) { proxy_challenge("$fd", "1"); } # user authenticated - remove auth header if(!is_method("REGISTER|PUBLISH")) consume_credentials(); }
This produces a 407 error; but other than that, things are identical.
The core question is why the positive reply from the RADIUS server isn't accepted as such. (could this be a problem with the dictionary?)
Stumblingly grateful,