Cisco Systems Servers Manuale Utente
11-35
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Chapter 11 Working with User Databases
ODBC Database
will default to case sensitive, whereas Microsoft SQL Server defaults to case
insensitive. However, in the case of CHAP/ARAP, the password is case sensitive
if the CHAP stored procedure is configured.
insensitive. However, in the case of CHAP/ARAP, the password is case sensitive
if the CHAP stored procedure is configured.
For example, with Telnet or PAP authentication, the passwords cisco or CISCO
or CiScO will all work if the SQL Server is configured to be case insensitive.
or CiScO will all work if the SQL Server is configured to be case insensitive.
For CHAP/ARAP, the passwords cisco or CISCO or CiScO are not the same,
regardless of whether or not the SQL Server is configured for case-sensitive
passwords.
regardless of whether or not the SQL Server is configured for case-sensitive
passwords.
Sample Routine for Generating a PAP Authentication SQL
Procedure
Procedure
The following example routine creates a procedure named CSNTAuthUserPap in
Microsoft SQL Server, the default procedure used by Cisco Secure ACS for PAP
authentication. Table and column names that could vary for your database schema
are presented in variable text. The Cisco Secure ACS product CD includes a stub
routine for creating a procedure in either SQL Server or Oracle. For more
information about data type definitions, procedure parameters, and procedure
results, see the
Microsoft SQL Server, the default procedure used by Cisco Secure ACS for PAP
authentication. Table and column names that could vary for your database schema
are presented in variable text. The Cisco Secure ACS product CD includes a stub
routine for creating a procedure in either SQL Server or Oracle. For more
information about data type definitions, procedure parameters, and procedure
results, see the
if exists (select * from sysobjects where id = object_id
(`dbo.CSNTAuthUserPap’) and sysstat & 0xf = 4)
drop procedure dbo.CSNTAuthUserPap
GO
CREATE PROCEDURE CSNTAuthUserPap
@username varchar(64), @pass varchar(255)
AS
SET NOCOUNT ON
IF EXISTS( SELECT
username
FROM
users
WHERE
username
= @username
AND
csntpassword
= @pass )
SELECT 0,
csntgroup
,
csntacctinfo
,"No Error"
FROM
users
WHERE
username
= @username
ELSE
SELECT 3,0,"odbc","ODBC Authen Error"
GO
GRANT EXECUTE ON dbo.CSNTAuthUserPap TO ciscosecure
GO