<font size=2 face="sans-serif">Hi Hugh</font>
<br>
<br><font size=2 face="sans-serif">Thanks for your response.</font>
<br>
<br><font size=2 face="sans-serif">Basically some users will use hardware
tokens, some will use SMS authentication, and others may need the option
of using one or the other (for example, there may not be mobile coverage
to receive an SMS, so they may use a hardware token)</font>
<br>
<br><font size=2 face="sans-serif">I've thought of a way I can do this
through our remote ssl vpn appliance (Juniper) using different realms and
sign in pages. I was thinking SMS users would authenticate using
Radiator, and hardware token users can authenticate directly to RSA AM,
without going through Radius.</font>
<br>
<br><font size=2 face="sans-serif">I was wondering what Radiator can do
in relation to this?</font>
<br>
<br><font size=2 face="sans-serif">Thanks<br>
<br>
Regards<br>
Steve Pirrottina | Network Administrator<br>
I.T Systems and Support | Queensland Treasury Corporation<br>
p: 07 3842 4677 | f: 07 3842 4910<br>
e: spirrottina@qtc.com.au | w: </font><a href=www.qtc.com.au><font size=2 face="sans-serif">www.qtc.com.au</font></a><font size=2 face="sans-serif"><br>
</font>
<br>
<br>
<br>
<table width=100%>
<tr valign=top>
<td><font size=1 color=#5f5f5f face="sans-serif">From:</font>
<td><font size=1 face="sans-serif">Hugh Irvine <hugh@open.com.au></font>
<tr valign=top>
<td><font size=1 color=#5f5f5f face="sans-serif">To:</font>
<td><font size=1 face="sans-serif">SPirrottina@qtc.com.au</font>
<tr>
<td valign=top><font size=1 color=#5f5f5f face="sans-serif">Cc:</font>
<td><font size=1 face="sans-serif">radiator@open.com.au</font>
<tr valign=top>
<td><font size=1 color=#5f5f5f face="sans-serif">Date:</font>
<td><font size=1 face="sans-serif">16/07/2009 14:31</font>
<tr valign=top>
<td><font size=1 color=#5f5f5f face="sans-serif">Subject:</font>
<td><font size=1 face="sans-serif">Re: [RADIATOR] Multiple authentication
methods</font>
<tr valign=top>
<td><font size=1 color=#5f5f5f face="sans-serif">Sent by:</font>
<td><font size=1 face="sans-serif">radiator-bounces@open.com.au</font></table>
<br>
<hr noshade>
<br>
<br>
<br><tt><font size=2><br>
Hello Steve -<br>
<br>
There are a number of ways of classifying requests, not just the Realm
<br>
suffix on a username string.<br>
<br>
You can indeed have multiple AuthBy clauses in a Realm or Handler, or <br>
you can set up different Handlers if there is something in the request
<br>
to differentiate the requests.<br>
<br>
If you can give me a bit more detail I will try to make some sensible <br>
suggestions.<br>
<br>
regards<br>
<br>
Hugh<br>
<br>
<br>
<br>
On 16 Jul 2009, at 12:05, SPirrottina@qtc.com.au wrote:<br>
<br>
> Hi<br>
><br>
> We are evaluating RSA AM 7.1 with Radiator and have a query in <br>
> relation to Radiator and authenticating using different methods.<br>
><br>
> We will have a requirement to have some users authenticating using
<br>
> RSA hardware tokens, and some users via OnDemand SMS <br>
> authentication. I noticed in a document published on RSA's website
<br>
> that the way to do this with Radiator is to have different <br>
> authenticating groups and assign different Realms for each category
<br>
> of user, and this is based on their username.<br>
><br>
> Can this be done any other way as all our users have the same <br>
> username naming convention so this wouldn't work for us? Is
it not <br>
> possible to have two authentication methods in one realm?<br>
><br>
> Thanks for your help.<br>
><br>
><br>
><br>
> Regards<br>
> Steve Pirrottina | Network Administrator<br>
> I.T Systems and Support | Queensland Treasury Corporation<br>
> p: 07 3842 4677 | f: 07 3842 4910<br>
> e: spirrottina@qtc.com.au | w: </font></tt><a href=www.qtc.com.au><tt><font size=2>www.qtc.com.au</font></tt></a><tt><font size=2><br>
> *************************<br>
> Queensland Treasury Corporation
<br>
> Level 14, 61 Mary Street, Brisbane, Queensland 4000
<br>
> (PO Box 1096, Brisbane Qld 4001)
<br>
> T: +61 7 3842 4600<br>
> </font></tt><a href=www.qtc.com.au><tt><font size=2>www.qtc.com.au</font></tt></a><tt><font size=2><br>
><br>
> This email and any attachments (collectively, 'this message') is <br>
> intended only for the addressee and may be confidential and <br>
> privileged. None of its contents may be disclosed to, or relied upon
<br>
> by, any other party without our written consent. If you are not the
<br>
> addressee, you must not copy or use this message for any purpose,
<br>
> nor disclose its contents to anyone. Please delete it and notify QTC
<br>
> immediately by telephoning +61 7 3842 4600 or emailing the sender.<br>
><br>
> Any opinion or advice provided in this message is subject to any <br>
> assumptions noted within it and the assumption that the current <br>
> economic, political and/or commercial environment does not <br>
> materially alter. QTC does not warrant or guarantee any outcome or
<br>
> forecast in this message. Any opinion or advice in this message is
<br>
> provided by QTC in good faith on the basis of information supplied
<br>
> to QTC, which may not have been independently verified by QTC. <br>
> Accordingly, QTC does not represent that the opinion or advice is
<br>
> accurate or complete and it should not be relied upon as such. <br>
> Unless stated otherwise, the views expressed in this message are <br>
> those of the individual sender, not those of QTC.<br>
><br>
> To the extent permitted by law, neither QTC nor any of its <br>
> employees, contractors, servants or agents accept any responsibility
<br>
> and liability whatsoever for any expense, damage, claim, cause of
<br>
> action, loss or costs, incurred by any person in connection with <br>
> that person or any other person placing any reliance on, or acting
<br>
> or refraining to act on the basis of, the contents of this message.<br>
><br>
> QTC does not warrant that any attachments to this email are free <br>
> from viruses or other corruption, and recommends that you scan them
<br>
> for viruses before opening. QTC accepts no liability for any loss
<br>
> caused if this message contains a virus or is otherwise corrupted.<br>
><br>
> QTC respects your privacy, and our privacy plan is available on our
<br>
> website.<br>
><br>
> If you are a QTC public sector customer, please visit our website
<br>
> for information about registering to access our secure customer sub-
<br>
> site.<br>
><br>
> < <br>
> OSC_Radiator_RSAAM_4.3.1_AuthMan7.1 <br>
> .pdf>_______________________________________________<br>
> radiator mailing list<br>
> radiator@open.com.au<br>
> </font></tt><a href=http://www.open.com.au/mailman/listinfo/radiator><tt><font size=2>http://www.open.com.au/mailman/listinfo/radiator</font></tt></a><tt><font size=2><br>
<br>
<br>
<br>
NB:<br>
<br>
Have you read the reference manual ("doc/ref.html")?<br>
Have you searched the mailing list archive (</font></tt><a href=www.open.com.au/archives/radiator><tt><font size=2>www.open.com.au/archives/radiator</font></tt></a><tt><font size=2>)?<br>
Have you had a quick look on Google (</font></tt><a href=www.google.com><tt><font size=2>www.google.com</font></tt></a><tt><font size=2>)?<br>
Have you included a copy of your configuration file (no secrets),<br>
together with a trace 4 debug showing what is happening?<br>
Have you checked the RadiusExpert wiki:<br>
</font></tt><a href=http://www.open.com.au/wiki/index.php/Main_Page><tt><font size=2>http://www.open.com.au/wiki/index.php/Main_Page</font></tt></a><tt><font size=2><br>
<br>
-- <br>
Radiator: the most portable, flexible and configurable RADIUS server<br>
anywhere. Available on *NIX, *BSD, Windows, MacOS X.<br>
Includes support for reliable RADIUS transport (RadSec),<br>
and DIAMETER translation agent.<br>
-<br>
Nets: internetwork inventory and management - graphical, extensible,<br>
flexible with hardware, software, platform and database independence.<br>
-<br>
CATool: Private Certificate Authority for Unix and Unix-like systems.<br>
<br>
<br>
_______________________________________________<br>
radiator mailing list<br>
radiator@open.com.au<br>
</font></tt><a href=http://www.open.com.au/mailman/listinfo/radiator><tt><font size=2>http://www.open.com.au/mailman/listinfo/radiator</font></tt></a><tt><font size=2><br>
</font></tt>
<br><pre>
*************************
Queensland Treasury Corporation
Level 14, 61 Mary Street, Brisbane, Queensland 4000
(PO Box 1096, Brisbane Qld 4001)
T: +61 7 3842 4600
www.qtc.com.au
This email and any attachments (collectively, 'this message') is intended only for the addressee and may be confidential and privileged. None of its contents may be disclosed to, or relied upon by, any other party without our written consent. If you are not the addressee, you must not copy or use this message for any purpose, nor disclose its contents to anyone. Please delete it and notify QTC immediately by telephoning +61 7 3842 4600 or emailing the sender.
Any opinion or advice provided in this message is subject to any assumptions noted within it and the assumption that the current economic, political and/or commercial environment does not materially alter. QTC does not warrant or guarantee any outcome or forecast in this message. Any opinion or advice in this message is provided by QTC in good faith on the basis of information supplied to QTC, which may not have been independently verified by QTC. Accordingly, QTC does not represent that the opinion or advice is accurate or complete and it should not be relied upon as such. Unless stated otherwise, the views expressed in this message are those of the individual sender, not those of QTC.
To the extent permitted by law, neither QTC nor any of its employees, contractors, servants or agents accept any responsibility and liability whatsoever for any expense, damage, claim, cause of action, loss or costs, incurred by any person in connection with that person or any other person placing any reliance on, or acting or refraining to act on the basis of, the contents of this message.
QTC does not warrant that any attachments to this email are free from viruses or other corruption, and recommends that you scan them for viruses before opening. QTC accepts no liability for any loss caused if this message contains a virus or is otherwise corrupted.
QTC respects your privacy, and our privacy plan is available on our website.
If you are a QTC public sector customer, please visit our website for information about registering to access our secure customer sub-site.
</pre>