Okay, per my earlier post, I decided to try mod_auth_xradius to authenticate users on apache. I've dynamically loaded the module with apxs, and I've made sure the correct LoadModule statements are in place in httpd.conf. After that, I placed a directive at the bottom to limit access to a specific directory:
Code:
<Directory /var/www/html/CCNA1>
AuthName "Private Area"
AuthType basic
AuthXRadiusAddServer "172.31.1.200:1812" "cntRADius"
AuthXRadiusTimeout 2
AuthXRadiusRetries 2
require valid-user
</Directory>
Now, when I attempt to browse to a page in the CCNA1 directory, it pops up a little box asking for a username and password, just like it should. I type in a username and password, press enter, and then it brings back the same box seconds later. There is no problem with the RADIUS server as we have tested with other clients using the same username and password. Here's what I get in my httpd error_log:
Code:
[Tue Jul 24 13:01:48 2007] [error] [client 172.31.1.1] PAM: user 'cntuser' - not authenticated: Authentication failure, referer: http://172.31.1.1/index.php?option=com_content&task=view&id=69&Itemid=61
It looks to me as if for whatever reason, Apache is trying to use PAM to authenticate instead of RADIUS, unless this is what is supposed to happen and PAM sends it off to RADIUS for me. We also used wireshark to see if any UDP packets to port 1812 were being sent out from the server, but nothing was sent. Any ideas?