The previous dialin solution ran on a unix box with a perl
script handling login authentication. There were multiple
password levels (e.g., group password and then a user password)
so that we could roll group passwords periodically and be able to
update the clients easily.
The login sequence worked like this:
<prompt1>: _client enters group name_
<prompt2>: _client enters group passwd_
<prompt3>: _client enters individual name_
<prompt4>: _client enters individual passwd_
(Succeed or fail here)
I'd like to duplicate this sequence using the portmaster. I'm
willing to hack radiusd if necessary.
It seems (from the manual) that I can customize <prompt1>.
<prompt2> can probably NOT be customized, but will always
be "Password:" (Is this true?)
I think I can customize <prompt3> via the Access-Challenge
response from the radius server.
I'd like to know if I can generate <prompt4> via another
Access-Challenge response from the server to complete the
sequence.
Can I extend the prompting to an arbitrary number of
transactions by continuing to send Access-Challenges from
the radius server?
Thanks for any info,
~!paul