Thread: [Rabbit-proxy-users] SQL authentication
Brought to you by:
ernimril
Menu
▾
▴
rabbit-proxy-users
|
From: Richard M. <ri...@sy...> - 2005-05-04 23:22:08
|
I searched quickly on the website and maillist archives but no avail, maybe
I am just a 'tard.. But is their anyway short of editing the source code to
get an SQL backend for proxy-authentication. We are using this as a
"dial-broadband" service and would like some way to control access to users,
since our Radius server for the dialup server use SQL I figured it would be
a perfect match.
Richard Dean Marriner II
SYIX.COM --=-- Network Administrator
530-755-1751x206 - richard at syix.com
|
|
From: Luis S. <lso...@gl...> - 2005-05-05 00:14:22
|
This indeed would be a nice feature=2E Currently we have a perl scribe th=
at uses DBI to query the database and build the text password file for the=
proxy server=2E The process runs once an hour and requires the proxy ser=
ver to be restarted before it will read the access file=2E Specifying a c=
onnection string and an sql query string in rabbit the conf would be wonde=
rful=2E
--luis
---------- Original Message ----------
To: (rabbit-proxy-users@lists=2Esourceforge=2Enet)
From: Richard Marriner (richard@syix=2Ecom)
Subject: [Rabbit-proxy-users] SQL authentication
Date: 5/4/2005 7:22:00p
> I searched quickly on the website and maillist archives but no avail,
> maybe I am just a 'tard=2E=2E But is their anyway short of editing the =
> source code to get an SQL backend for proxy-authentication=2E We are us=
ing
> this as a "dial-broadband" service and would like some way to control
> access to users, since our Radius server for the dialup server use SQL I=
> figured it would be a perfect match=2E
>
>
>
>
> Richard Dean Marriner II
> SYIX=2ECOM --=3D-- Network Administrator
> 530-755-1751x206 - richard at syix=2Ecom
>
>
>
> -------------------------------------------------------
> This SF=2ENet email is sponsored by: NEC IT Guy Games=2E
> Get your fingers limbered up and give it your best shot=2E 4 great event=
s, 4
> opportunities to win big! Highest score wins=2ENEC IT Guy Games=2E Play =
to
> win an NEC 61 plasma display=2E Visit http://www=2Enecitguy=2Ecom/?r=3D2=
0
> _______________________________________________
> Rabbit-proxy-users mailing list
> Rabbit-proxy-users@lists=2Esourceforge=2Enet
> https://lists=2Esourceforge=2Enet/lists/listinfo/rabbit-proxy-users
Luis Soltero, Ph=2ED=2E, MCS
Director of Software Development and CTO
Global Marine Networks, LLC
StarPilot, LLC
Tel: 865-379-8723
Fax: 865-681-5017
E-Mail: lsoltero@globalmarinenet=2Enet
Web: http://www=2Eglobalmarinenet=2Enet
Web: http://www=2Estarpilotllc=2Ecom
Wireless E-Mail, Web Hosting, Weather and more=2E=2E=2E
and
StarPilot, the state of the art in navigation computations at your finger =
tips=2E=2E=2E
|
|
From: Robert O. <ro...@kh...> - 2005-05-05 11:50:01
|
Luis Soltero wrote: >Specifying a connection string and an sql query string in rabbit the conf would be wonderful. > > This is not possible right now. Writing a filter to handle it will not take long. How long should the data be cached in rabbit? or do you want rabbit to ask the database for every request it gets? Should negative responses be cached as well? /robo |
|
From: Luis S. <lso...@gl...> - 2005-05-05 13:18:48
|
Hi Robo,
We use gnu-radius and mysql here to do the authentication=2E when configur=
ing gnu-radius for use with sql you specify the connect string and the que=
ry strings in the config file=2E The program does no caching=2E It queri=
es the db for every request=2E I would think that making a query for ever=
y request should work fine=2E The incoming connections are slow and sql d=
atabases do caching to enhance performance so no caching should not impact=
performance very much=2E I would try no caching at all to start with and=
only implement caching if performance is found to be lacking=2E
Another alternative might be to only cache 'good' responses=2E A negative=
response causes a query to the db=2E good responses should be flushed ev=
ery X minutes=2E The flush time could be configured in the config file=2E=
I see no reason to cache negative responses=2E
Here are some sample sql configuration stanzas from the gnu-radius config =
file=2E gnu-radius substitues %u by the login users id=2E
# The interface statement specifies which SQL interface to use=2E It is
# needed only if the package is configured with both --with-mysql and
# --with-postgres options=2E
interface mysql
server localhost
port 3306
login dbuser
password dbpassword
auth_query SELECT password FROM table WHERE user=3D'%u'
Thanks,
--luis
---------- Original Message ----------
To: Luis Soltero (lsoltero@globalmarinenet=2Enet)
From: Robert Olofsson (robo@khelekore=2Eorg)
Subject: Re: [Rabbit-proxy-users] SQL authentication
Date: 5/5/2005 7:49:47a
> Luis Soltero wrote:
>
> >Specifying a connection string and an sql query string in rabbit the co=
nf
> >would be wonderful=2E
> >
> >
> This is not possible right now=2E Writing a filter to handle it will not=
> take long=2E
>
> How long should the data be cached in rabbit? or do you want rabbit to
> ask the database for every request it gets? Should negative responses
> be cached as well?
>
> /robo
>
>
>
> -------------------------------------------------------
> This SF=2ENet email is sponsored by: NEC IT Guy Games=2E
> Get your fingers limbered up and give it your best shot=2E 4 great event=
s, 4
> opportunities to win big! Highest score wins=2ENEC IT Guy Games=2E Play =
to
> win an NEC 61 plasma display=2E Visit http://www=2Enecitguy=2Ecom/?r=3D2=
0
> _______________________________________________
> Rabbit-proxy-users mailing list
> Rabbit-proxy-users@lists=2Esourceforge=2Enet
> https://lists=2Esourceforge=2Enet/lists/listinfo/rabbit-proxy-users
Luis Soltero, Ph=2ED=2E, MCS
Director of Software Development and CTO
Global Marine Networks, LLC
StarPilot, LLC
Tel: 865-379-8723
Fax: 865-681-5017
E-Mail: lsoltero@globalmarinenet=2Enet
Web: http://www=2Eglobalmarinenet=2Enet
Web: http://www=2Estarpilotllc=2Ecom
Wireless E-Mail, Web Hosting, Weather and more=2E=2E=2E
and
StarPilot, the state of the art in navigation computations at your finger =
tips=2E=2E=2E
|
|
From: Robert O. <ro...@kh...> - 2005-05-05 15:53:23
|
Ok, I have made a filter for sql-proxy authentication. You can try it with: http://www.khelekore.org/rabbit/RabbIT2.0.38-pre1.jar Note: I do not have any db at home yet (I will set one up soon) so this is not very well tested. Please report status... Note: You will have to enable and configure the SQLProxyAuth filter Note: The 2.0.38 release will require java/5. If you want java/1.4 tell me so, backporting this to 2.0.37 is easy. Due to java/5 many things have had minor code changes, hopefully everything works, but do not be surprised if some things breaks. Help with testing appreciated. /robo |
|
From: Robert O. <ro...@kh...> - 2005-05-05 16:33:04
|
Luis Soltero wrote: >Thanks for the quick response. We run FreeBSD here so upgrading to Java/5 is a big deal... >Anyway, if you want quick testing on your implementation then please back port the code to 2.0.37. > > Ok, since some of you seem to run java/1.4 there is a 2.037b: http://www.khelekore.org/rabbit/RabbIT2.0.37b.jar I still havent got any database installed at home, so this filter will probably break in a few places. Fix it or bug me (or both)... I will install a database later on, I usually have one, but I havent really needed one at home since my last desktop upgrade... Have fun. /robo |
|
From: Robert O. <ro...@kh...> - 2005-05-05 17:51:29
|
Robert Olofsson wrote: > http://www.khelekore.org/rabbit/RabbIT2.0.37b.jar > > I still havent got any database installed at home, so this filter > will probably break in a few places. Fix it or bug me (or both)... Ok, it was broken, I had forgotten one line, doh! Actually testing with a db made that one obvious quickly.. There is a new release with the same name out and also an updated http://www.khelekore.org/rabbit/RabbIT2.0.38-pre1.jar Have fun /robo |
|
From: Richard M. <ri...@sy...> - 2005-05-10 21:24:33
|
Hey guys, have been playing with this SQLProxyAuth. I am using the RabbIT2.0.37b.jar below and J2SDK 1.4.2... I keep getting this... java.sql.SQLException: The url cannot be null My rabbit.conf file includes: [rabbit.filter.SQLProxyAuth] driver=org.gjt.mm.mysql.Driver url=jdbc:mysql://localhost/dbname user=username password=password select=SELECT password FROM users WHERE username = '?' [Filters] httpinfilters=rabbit.filter.HTTPBaseFilter,rabbit.filter.DontFilterFilter,ra bbit.proxy.SQLProxyAuth I know next to nothing about java.. So bare with me, please... ;) Rich > Robert Olofsson wrote: > > > http://www.khelekore.org/rabbit/RabbIT2.0.37b.jar > > > > I still havent got any database installed at home, so this filter > > will probably break in a few places. Fix it or bug me (or both)... > > Ok, it was broken, I had forgotten one line, doh! > Actually testing with a db made that one obvious quickly.. > > There is a new release with the same name out and also an updated > http://www.khelekore.org/rabbit/RabbIT2.0.38-pre1.jar > > Have fun > /robo > > |
|
From: Robert O. <ro...@kh...> - 2005-05-11 18:06:51
|
Richard Marriner wrote: > java.sql.SQLException: The url cannot be null > > Ok, that seems odd. You would get that if you did not specify the url, you seem to have done so. Do you have any space before/after url in the config file? >My rabbit.conf file includes: >[rabbit.filter.SQLProxyAuth] >driver=org.gjt.mm.mysql.Driver >url=jdbc:mysql://localhost/dbname > > Do you get anything in the error_log? /robo |
|
From: Richard M. <ri...@sy...> - 2005-05-12 05:05:41
|
Ok, After reinstalling the OS with Fedora C3 32bit (instead of the 64bit I was having the below problem with) and installing SDK5 with 2.0.38b-pre1 It is now working flawlessly.. I was originally running the server on FreeBSD 4.11 but kept getting Java Core dumps so I switched to Fedora... I appreciate ALL of your guys' help! Richard > -----Original Message----- > From: rab...@li... > [mailto:rab...@li...] On > Behalf Of Robert Olofsson > Sent: Wednesday, May 11, 2005 11:06 AM > To: Richard Marriner > Cc: rab...@li... > Subject: Re: [Rabbit-proxy-users] SQL authentication > > Richard Marriner wrote: > > > java.sql.SQLException: The url cannot be null > > > > > Ok, that seems odd. You would get that if you did not specify the url, > you seem to have done so. Do you have any space before/after url in > the config file? > > >My rabbit.conf file includes: > >[rabbit.filter.SQLProxyAuth] > >driver=org.gjt.mm.mysql.Driver > >url=jdbc:mysql://localhost/dbname > > > > > Do you get anything in the error_log? > > /robo > > > > ------------------------------------------------------- > This SF.Net email is sponsored by Oracle Space Sweepstakes > Want to be the first software developer in space? > Enter now for the Oracle Space Sweepstakes! > http://ads.osdn.com/?ad_id=7393&alloc_id=16281&op=click > _______________________________________________ > Rabbit-proxy-users mailing list > Rab...@li... > https://lists.sourceforge.net/lists/listinfo/rabbit-proxy-users > |
|
From: Richard M. <ri...@sy...> - 2005-05-05 14:32:50
|
Robo,
I would venture to say no caching. One of the reasons for using a SQL
backend is for real time updates without having to "reload" the server
software. As Luis pointed out, most software that uses SQL backends have
options to specify the SQL server, username, password, database and some
even go as far as to letting you write your own SELECT statement. (As shown
in Luis' post) I don't know how useful this feature would be to most
people, but it would be a nice feature to have listed on the website. ;)
(I would use it though...)
Richard Dean Marriner II
SYIX.COM --=-- Network Administrator
530-755-1751x206 - richard at syix.com
> -----Original Message-----
> From: rab...@li...
> [mailto:rab...@li...] On
> Behalf Of Robert Olofsson
> Sent: Thursday, May 05, 2005 4:50 AM
> To: Luis Soltero
> Cc: Richard Marriner; rab...@li...
> Subject: Re: [Rabbit-proxy-users] SQL authentication
>
> Luis Soltero wrote:
>
> >Specifying a connection string and an sql query string in
> rabbit the conf would be wonderful.
> >
> >
> This is not possible right now. Writing a filter to handle it
> will not take
> long.
>
> How long should the data be cached in rabbit? or do you want rabbit to
> ask the database for every request it gets? Should negative responses
> be cached as well?
>
> /robo
>
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by: NEC IT Guy Games.
> Get your fingers limbered up and give it your best shot. 4
> great events, 4
> opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
> win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20
> _______________________________________________
> Rabbit-proxy-users mailing list
> Rab...@li...
> https://lists.sourceforge.net/lists/listinfo/rabbit-proxy-users
>
|
Thanks for helping keep SourceForge clean.
X