Captive portal fails on empty RADIUS password
An empty password is not sent to the RADIUS server for verification, it just produces an error. PHP code is checking for a password value, when it means to check if the field was sent. The attached patch will fix things up; also fixed some whitespace problems in the vicinity.
Updated by Michael Newton over 9 years ago
When using a captive portal, the need is often to display T&C and prevent casual users from getting access, not to provide comprehensive AAA.
Since the RFC doesn't require any password value, I guess the relevant question is "why doesn't pfSense allow an empty pass?"
Updated by Michael Newton about 9 years ago
No updates on this? There seems to be little interest in any changes to RADIUS handling, I keep seeing "why do you need this" when users ask for anything...
Also, with such a low-risk patch there's no reason it couldn't be included in a 2.0x release.
Updated by Cyrill B about 9 years ago
Do you still have a copy of your patch? The attached file produces a 404 here.
I recently submitted a pull request  that fixes the problem that an empty secret key for RADIUS servers 2-4 results in them not being used at all (as they are not written to file without a secret key), although the GUI states that an empty secret key is allowed and also accepts it.