Why does username is considered as part of the identity ?

Jouni Malinen j
Wed Mar 4 23:06:47 PST 2009


On Wed, Mar 04, 2009 at 05:15:43PM -0500, TianHong Zhao wrote:

> In EAP_TTLS/MSCHAPV2, the username is taken from identity (excluding the
> realm part), but why ?
> 
> In the project I'm working on, when using EAP_TTLS/MSCHAPV2, "identity"
> in phase1 is MAC address, "identity" in phase2 is the username,
> is there any easy way to make eap_ttls code choose the right one ?

I'm not sure I'm fully following your description, but if all you want
to do is to use different identity in phase 1 and 2, please take a look
at anonymous_identity parameter: (anonymous_identity="<MAC addr>",
identity="real username").

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the Hostap mailing list