Previous page Section 3.67.3. NoReplyReject Section 3.67.4. ServerChecksPassword (863 / 1691)   Table of Contents Section 3.67.5. RestAuthReplyDef Next page

3.67.4. ServerChecksPassword Previous topic Parent topic Child topic Next topic

Normally, Radiator fetches the user's credentials, such as password hash, from the server using the PasswordAttr or EncryptedPasswordAttr parameter and checks the password internally. This optional parameter causes the server to check the password instead. This is useful with servers that implement proprietary encryption algorithms in their passwords, or do not provide access to password attribute.
When ServerChecksPassword is specified, Radiator sends the plaintext password with "password" REST API parameter to the server and the password checking is performed by the server only. This is done in addition to any parameters added by RestAuthRequestDef.
Here is an example of using ServerChecksPassword:
# Send plaintext password to server to check
ServerChecksPassword
CAUTION
ServerChecksPassword is compatible with PAP, EAP-TTLS/PAP, and other authentication methods that provide a plain text password. ServerChecksPassword does not work with CHAP, MSCHAP, and most EAP methods since these do not provide a password Radiator can use with an LDAP bind operation.
Previous page Section 3.67.3. NoReplyReject Section 3.67.4. ServerChecksPassword (863 / 1691)   Table of Contents Section 3.67.5. RestAuthReplyDef Next page