Hello,
I'm trying to do a configuration to authenticate some guests against a PostGRE DB and other against Guest User Repository.
The Captive Portal process works fine for the Guest Users but for the other, I can't achieve to perform the authentication.
Here is some information:
- PostGRE DB contains username and password (in clear-text)
- If I configure the external DB to be used for authorization, I can retrieve required fields, so, the connection to the DB is correct
- My query is quite simple: SELECT CAST(password as VARCHAR(12)) AS User_Password FROM mytable WHERE UPPER(uid) = UPPER('%{Authentication:Username}'); (I'm casting the value to be sure it is in string format)
Depending of the Pre-Auth check of the Captive Portal, I have the following error:
- Application: Failed to execute sql, reason=The server does not support SSL.
- RADIUS: MSCHAP: Authentication failed
- None (I would like to avoid as the user experience is bad in case of failed login): CHAP: Clear text password not available
I found this tuto which doesn't help me: https://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/How-To-Setup-External-SQL-Filter-Queries-for-Authentication-in/ta-p/187252
Are there some configuration I need to do to use the External DB as authentication source which I don't need for authorization?
According to this: http://deployingradius.com/documents/protocols/compatibility.html , Clear-text can be used at least for the MS-CHAP used in RADIUS Pre-auth and then in the CHAP for the RADIUS Auth.
Thank you for the help,