The hotspot web page adds a "\" which gets sent to the RADIUS server for any "#" character in a password.

Here's the RADIUS server log entry:

Wed Jun 16 08:40:38 2004: Auth: Login incorrect: [testuser/Davi\#57!] (from nas x.x.x.x/S0 cli 192.168.0.251)

Is there a fix available for this issue? Are there other characters we should know about as well?

This is a something we will look into correcting for the next release.

Thanks.

I just installed the latest release and I'm still seeing this problem. What gives?

Here's the latest log entry:

Tue Jun 29 23:16:25 2004: Auth: Login incorrect: [testuser/pObox\#567] (from nas x.x.x.x/S0 cli x.x.x.x)

Is there any chance this can be fixed soon so my boss stops breathing down my neck?

So is it now expected that we will fix everything that pops up in the next release?

This is not a programming bug that simply requires a line edit, this is a primitive way that PHP handles characters in a line. If we jump in and fix this one behaviour we will probably break some other area.

We will fix this and will fix it so that it does not break other things. I am sorry but we ran out of time. The next release will not be too far off, so please be patient.

We were hoping to have this added in the 2.00.1 release, however it was never made the cut in time due to the complexity of the problem, and testing needed. We'll be rolling this into one of the next BETA releases to get proper testing.

Thanks!

I have two solutions to keep your boss off of your neck. #1: Set the passwords in the radius server as "Davi/#57!" and "pObox/#567", then tell the users the password is "Davi#57!" and "pObox#567", respectively. When they enter the passwords, they will be correct to them and the radius server. If that is not possible due to other non star-os devices/machines logging into the radius server under the same account, then simply using a password without a "#" character in it will resolve the problem. There are at least 10 other punctuation marks/symbols on the keyboard that can be used instead of a "#" without sacrificing any security.

When you made the post, the current release was in beta testing. The fix wasn't in the beta, so I wouldn't expect it to be in the final release, that would defeat the purpose of beta testing wouldn't it? I'm sure it will make it into the next release, but until then I really don't see a big deal in using one of the above mentioned work arounds.

This problem has been resolved, and will be in the next v2.00.2 release due out soon. Please be sure to keep this in mind when upgrading, as you will need to update your radius servers with the proper password.

Thanks!