Optional displayable message sent with EAP Request-Identity
Jouni Malinen
j
Fri Dec 26 10:29:26 PST 2008
On Tue, Dec 23, 2008 at 06:51:34PM +0530, Noorul Ameen T wrote:
> I configured linksys ap in enterprise mode and hostapd as a radius server.
> How to make hostapd to send Identity hints (eap_message=hello in
> hostapd.conf) if the connected user is not found in hostapd.eap_user
> file? In other words, for the Unknown identity I want the server to
> send the optional displayable meesage with EAP Request-Identity.
I'm assuming you are talking about the delivery option 3 described in
RFC 4284 appendix. Only the option 1 (EAP-Request/Identity from the
AP/Authenticator) was previously supported, so you would have needed to
configure this in the AP. Anyway, I added support for option 3 into
hostapd now, so you should be able to do this with the current 0.6.x
snapshot version from the git tree.
This is configured by adding a eap_user file entry that is pointing to
Identity method and configuring eap_message in hostapd.conf in the same
way as it is done for the AP/Authenticator delivery. Here's an example
eap_user file I used when testing this:
"user at example.com" MD5 "password"
* Identity
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list