net.jradius.packet.RadiusPacket Java Examples
The following examples show how to use
net.jradius.packet.RadiusPacket.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: AuthenticationProviderService.java From guacamole-client with Apache License 2.0 | 5 votes |
|
/**
* Returns an object containing the challenge message and the expected
* credentials from a RADIUS challenge, or null if either state or reply
* attributes are missing from the challenge.
*
* @param challengePacket
* The AccessChallenge RadiusPacket received from the RADIUS
* server.
*
* @return
* A GuacamoleRadiusChallenge object that contains the challenge message
* sent by the RADIUS server and the expected credentials that should
* be requested of the user in order to continue authentication. One
* of the expected credentials *must* be the RADIUS state. If either
* state or the reply are missing from the challenge this method will
* return null.
*/
private GuacamoleRadiusChallenge getRadiusChallenge(RadiusPacket challengePacket) {
// Try to get the state attribute - if it's not there, we have a problem
RadiusAttribute stateAttr = challengePacket.findAttribute(Attr_State.TYPE);
if (stateAttr == null) {
logger.error("Something went wrong, state attribute not present.");
logger.debug("State Attribute turned up null, which shouldn't happen in AccessChallenge.");
return null;
}
// We need to get the reply message so we know what to ask the user
RadiusAttribute replyAttr = challengePacket.findAttribute(Attr_ReplyMessage.TYPE);
if (replyAttr == null) {
logger.error("No reply message received from the server.");
logger.debug("Expecting a Attr_ReplyMessage attribute on this packet, and did not get one.");
return null;
}
// We have the required attributes - convert to strings and then generate the additional login box/field
String replyMsg = replyAttr.getValue().toString();
String radiusState = BaseEncoding.base16().encode(stateAttr.getValue().getBytes());
Field radiusResponseField = new PasswordField(CHALLENGE_RESPONSE_PARAM);
Field radiusStateField = new RadiusStateField(radiusState);
// Return the GuacamoleRadiusChallenge object that has the state
// and the expected response.
return new GuacamoleRadiusChallenge(replyMsg,
new CredentialsInfo(Arrays.asList(radiusResponseField,
radiusStateField)));
}
Example #2
| Source File: AuthenticationProviderService.java From guacamole-client with Apache License 2.0 | 5 votes |
|
/**
* Returns an object containing the challenge message and the expected
* credentials from a RADIUS challenge, or null if either state or reply
* attributes are missing from the challenge.
*
* @param challengePacket
* The AccessChallenge RadiusPacket received from the RADIUS
* server.
*
* @return
* A GuacamoleRadiusChallenge object that contains the challenge message
* sent by the RADIUS server and the expected credentials that should
* be requested of the user in order to continue authentication. One
* of the expected credentials *must* be the RADIUS state. If either
* state or the reply are missing from the challenge this method will
* return null.
*/
private GuacamoleRadiusChallenge getRadiusChallenge(RadiusPacket challengePacket) {
// Try to get the state attribute - if it's not there, we have a problem
RadiusAttribute stateAttr = challengePacket.findAttribute(Attr_State.TYPE);
if (stateAttr == null) {
logger.error("Something went wrong, state attribute not present.");
logger.debug("State Attribute turned up null, which shouldn't happen in AccessChallenge.");
return null;
}
// We need to get the reply message so we know what to ask the user
RadiusAttribute replyAttr = challengePacket.findAttribute(Attr_ReplyMessage.TYPE);
if (replyAttr == null) {
logger.error("No reply message received from the server.");
logger.debug("Expecting a Attr_ReplyMessage attribute on this packet, and did not get one.");
return null;
}
// We have the required attributes - convert to strings and then generate the additional login box/field
String replyMsg = replyAttr.getValue().toString();
String radiusState = BaseEncoding.base16().encode(stateAttr.getValue().getBytes());
Field radiusResponseField = new PasswordField(CHALLENGE_RESPONSE_PARAM);
Field radiusStateField = new RadiusStateField(radiusState);
// Return the GuacamoleRadiusChallenge object that has the state
// and the expected response.
return new GuacamoleRadiusChallenge(replyMsg,
new CredentialsInfo(Arrays.asList(radiusResponseField,
radiusStateField)));
}
Example #3
| Source File: JRadiusServerImpl.java From springboot-shiro-cas-mybatis with MIT License | 4 votes |
|
@Override
public RadiusResponse authenticate(final String username, final String password) throws PreventedException {
final AttributeList attributeList = new AttributeList();
attributeList.add(new Attr_UserName(username));
attributeList.add(new Attr_UserPassword(password));
if (StringUtils.isNotBlank(this.nasIpAddress)) {
attributeList.add(new Attr_NASIPAddress(this.nasIpAddress));
}
if (StringUtils.isNotBlank(this.nasIpv6Address)) {
attributeList.add(new Attr_NASIPv6Address(this.nasIpv6Address));
}
if (this.nasPort != -1) {
attributeList.add(new Attr_NASPort(this.nasPort));
}
if (this.nasPortId != -1) {
attributeList.add(new Attr_NASPortId(this.nasPortId));
}
if (this.nasIdentifier != -1) {
attributeList.add(new Attr_NASIdentifier(this.nasIdentifier));
}
if (this.nasRealPort != -1) {
attributeList.add(new Attr_NASRealPort(this.nasRealPort));
}
if (this.nasPortType != -1) {
attributeList.add(new Attr_NASPortType(this.nasPortType));
}
RadiusClient client = null;
try {
client = this.radiusClientFactory.newInstance();
final AccessRequest request = new AccessRequest(client, attributeList);
final RadiusPacket response = client.authenticate(
request,
RadiusClient.getAuthProtocol(this.protocol.getName()),
this.retries);
LOGGER.debug("RADIUS response from {}: {}",
client.getRemoteInetAddress().getCanonicalHostName(),
response.getClass().getName());
if (response instanceof AccessAccept) {
final AccessAccept acceptedResponse = (AccessAccept) response;
return new RadiusResponse(acceptedResponse.getCode(),
acceptedResponse.getIdentifier(),
acceptedResponse.getAttributes().getAttributeList());
}
} catch (final Exception e) {
throw new PreventedException(e);
} finally {
if (client != null) {
client.close();
}
}
return null;
}
Example #4
| Source File: JRadiusServerImpl.java From cas4.0.x-server-wechat with Apache License 2.0 | 4 votes |
|
@Override
public boolean authenticate(final String username, final String password) throws PreventedException {
final AttributeList attributeList = new AttributeList();
attributeList.add(new Attr_UserName(username));
attributeList.add(new Attr_UserPassword(password));
RadiusClient client = null;
try {
client = this.radiusClientFactory.newInstance();
LOGGER.debug("Created RADIUS client instance {}", client);
final AccessRequest request = new AccessRequest(client, attributeList);
final RadiusPacket response = client.authenticate(
request,
RadiusClient.getAuthProtocol(this.protocol.getName()),
this.retries);
LOGGER.debug("RADIUS response from {}: {}",
client.getRemoteInetAddress().getCanonicalHostName(),
response.getClass().getName());
if (response instanceof AccessAccept) {
return true;
}
} catch (final Exception e) {
throw new PreventedException(e);
} finally {
if (client != null) {
client.close();
}
}
return false;
}
Example #5
| Source File: RadiusConnectionService.java From guacamole-client with Apache License 2.0 | 4 votes |
|
/**
* Send a challenge response to the RADIUS server by validating the input and
* then sending it along to the authenticate method.
*
* @param username
* The username to send to the RADIUS server for authentication.
*
* @param response
* The response phrase to send to the RADIUS server in response to the
* challenge previously provided.
*
* @param clientAddress
* The IP address of the client, if known, which will be set in as
* the RADIUS client address.
*
* @param state
* The state data provided by the RADIUS server in order to continue
* the RADIUS conversation.
*
* @return
* A RadiusPacket containing the server's response to the authentication
* attempt.
*
* @throws GuacamoleException
* If an error is encountered trying to talk to the RADIUS server.
*/
public RadiusPacket sendChallengeResponse(String username, String response,
String clientAddress, byte[] state) throws GuacamoleException {
if (username == null || username.isEmpty()) {
logger.error("Challenge/response to RADIUS requires a username.");
return null;
}
if (state == null || state.length == 0) {
logger.error("Challenge/response to RADIUS requires a prior state.");
return null;
}
if (response == null || response.isEmpty()) {
logger.error("Challenge/response to RADIUS requires a response.");
return null;
}
return authenticate(username, response, clientAddress, state);
}
Example #6
| Source File: RadiusConnectionService.java From guacamole-client with Apache License 2.0 | 4 votes |
|
/**
* Send a challenge response to the RADIUS server by validating the input and
* then sending it along to the authenticate method.
*
* @param username
* The username to send to the RADIUS server for authentication.
*
* @param response
* The response phrase to send to the RADIUS server in response to the
* challenge previously provided.
*
* @param state
* The state data provided by the RADIUS server in order to continue
* the RADIUS conversation.
*
* @return
* A RadiusPacket containing the server's response to the authentication
* attempt.
*
* @throws GuacamoleException
* If an error is encountered trying to talk to the RADIUS server.
*/
public RadiusPacket sendChallengeResponse(String username, String response,
byte[] state) throws GuacamoleException {
if (username == null || username.isEmpty()) {
logger.error("Challenge/response to RADIUS requires a username.");
return null;
}
if (state == null || state.length == 0) {
logger.error("Challenge/response to RADIUS requires a prior state.");
return null;
}
if (response == null || response.isEmpty()) {
logger.error("Challenge/response to RADIUS requires a response.");
return null;
}
return authenticate(username,response,state);
}
