Skip to Main Content
RADIUS
book

RADIUS

by Jonathan Hassell
October 2002
Intermediate to advanced content levelIntermediate to advanced
206 pages
8h 30m
English
O'Reilly Media, Inc.
Content preview from RADIUS

Using Challenge-Response with mod_auth_radius

The mod_auth_radius module is completely compliant with the challenge-response authentication method. However, end-user browser support is relatively limited: Netscape 3.x and 4.x and others support it well, but unfortunately, the browser with the largest hunk of market share, Internet Explorer, doesn’t properly follow the RFC and, therefore, doesn’t function correctly with challenge-response. You should certainly consider this caveat in determining whether to use challenge-response.

For supported browsers, the key to challenge-response is that the RADIUS cookies are set upon any authentication attempt. You can enter gibberish for your password and try to authenticate into a secured area, but while you are denied access because the password was incorrect, the cookie is being set with the RADIUS state attribute. The module also modifies Basic-Authentication-Realm. You then receive another prompt to try again, typically with a challenge. Once you enter the correct password (or the correct response to the challenge), all is well.

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

TCP/IP Illustrated, Volume 1: The Protocols, 2nd Edition

TCP/IP Illustrated, Volume 1: The Protocols, 2nd Edition

Kevin R. Fall, W. Richard Stevens
TCP/IP Guide

TCP/IP Guide

Charles M. Kozierok

Publisher Resources

ISBN: 0596003226Errata Page