I'm looking for an opensource DHCP server which supports the user authentication protocol described in RFC 2485: >> User Authentication Protocol Option >> >> This option specifies a list of URLs, each pointing to a user >> authentication service that is capable of processing authentication >> requests encapsulated in the User Authentication Protocol (UAP). UAP >> servers can accept either HTTP 1.1 or SSLv3 connections. If the list >> includes a URL that does not contain a port component, the normal >> default port is assumed (i.e., port 80 for http and port 443 for >> https). If the list includes a URL that does not contain a path >> component, the path /uap is assumed. The manpage for RHEL4's dhcpd.conf includes the following: >> authenticated clients; >> >> If specified, this statement either allows or prevents allocation from >> this pool to any client that has been authenticated using the DHCP >> authentication protocol. This is not yet supported. >> >> unauthenticated clients; >> >> If specified, this statement either allows or prevents allocation from >> this pool to any client that has not been authenticated using the DHCP >> authentication protocol. This is not yet supported. So it looks like there are hooks for this in RedHat's DHCP server, but nothing useful (yet). Does anyone know whether RHEL5's dhcpd will support this? Or whether there are any other DHCP servers that I could deploy in place of the standard RHEL4 one? Thus far, the bit of googling I've done hasn't turned up anything useful. Thanks in advance ... PS: The more I think about this, though, the more confused I am about how it would work. If a DHCP server were told to prevent allocation from an address pool to clients which had not yet authenticated, how could those clients even connect to the specified authentication URLs, if they haven't gotten an IP address yet? I _must_ be missing something obvious here ... --------------- Mark Bartelt Center for Advanced Computing Research California Institute of Technology Pasadena, California 91125 626 395 2522 626 584 5917 fax 626 628 3994 e-fax mark@xxxxxxxxxxxxxxxx http://www.cacr.caltech.edu/~mark - To unsubscribe from this list: send the line "unsubscribe linux-admin" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
