org.openmdx.uses.net.sourceforge.jradiusclient
Class RadiusClient

java.lang.Object
  org.openmdx.uses.net.sourceforge.jradiusclient.AbstractRadiusClient
      org.openmdx.uses.net.sourceforge.jradiusclient.RadiusClient

All Implemented Interfaces:

MultiLineStringRepresentation

public class RadiusClient
extends AbstractRadiusClient
implements MultiLineStringRepresentation

Released under the LGPL
This class provides basic functionality required to implement a NAS as defined by the RADIUS protocol as specified in RFC 2865 and RFC 2866. This implementation is stateless and not thread safe, i.e. since the user name could be changed by the current thread or any other thread, it is difficult to ensure that the responseAttributes correlate to the request we think we are dealing with. It is up to the user of this class to ensure these things at this point. A future release may change this class to a stateful, threadsafe object, but it works for now. Users of this class must also manage building their own request attributes and submitting them with their call to authenticate. For example a programmer using this library, wanting to do chap authentication needs to generate the random challenge, send it to the user, who generates the MD5 of

• a self generated CHAP identifier (a byte)
• their password
• and the CHAP challenge.

(see RFC 2865 section 2.2) The user software returns the CHAP Identifier and the MD5 result and the programmer using RadiusClient sets that as the CHAP Password. The programmer also sets the CHAP-Challenge attribute and sends that to the Radius Server for authentication.
Special Thanks to the original creator of the "RadiusClient" August Mueller http://augiesoft.com/java/radius/ and to Aziz Abouchi for laying the groundwork for the development of this class.

Version:

$Revision: 1.17 $

Author:

Robert J. Loihl

Field Summary

static String

ENCODING

Constructor Summary

RadiusClient(String[] hostname, int[] authPort, int[] acctPort, String sharedSecret, int sockTimeout, boolean logging, InetAddress nasAddress)
Constructor allows the user to specify an alternate port for the radius server

RadiusClient(String hostname, int authPort, int acctPort, String sharedSecret)
Constructor allows the user to specify an alternate port for the radius server

RadiusClient(String hostname, int authPort, int acctPort, String sharedSecret, int sockTimeout)
Constructor allows the user to specify an alternate port for the radius server

RadiusClient(String hostname, String sharedSecret)
Constructor - uses the default port 1812 for authentication and 1813 for accounting

Method Summary

RadiusPacket	account(RadiusPacket requestPacket) This method performs the job of sending accounting information for the current user to the radius accounting server.
RadiusPacket	authenticate(RadiusPacket accessRequest) This method performs the job of authenticating the given RadiusPacket against the radius server.
RadiusPacket	authenticate(RadiusPacket accessRequest, int retries) This method performs the job of authenticating the given RadiusPacket against the radius server.
protected void	closeSocket() closes the socket
boolean	equals(Object object) Compares the specified Object with this RadiusClient for equality.
void	finalize() overrides finalize to close socket and then normal finalize on super class
int[]	getAcctPort() This method returns the current port to be used for accounting
int[]	getAuthPort() This method returns the current port to be used for authentication
InetAddress[]	getHostname() Get the host names
protected byte[]	getSharedSecret() This method returns the current secret value that the Radius Client shares with the RADIUS Server.
int	getTimeout() This method returns the current timeout period on a recieve of a response from the RADIUS Server.
int	hashCode()
String	toString() This method returns a string representation of this RadiusClient.

Methods inherited from class org.openmdx.uses.net.sourceforge.jradiusclient.AbstractRadiusClient

logDebug, logDebug, logWarning

Methods inherited from class java.lang.Object

clone, getClass, notify, notifyAll, wait, wait, wait

Field Detail

ENCODING

public static final String ENCODING

See Also:

Constant Field Values

Constructor Detail

RadiusClient

public RadiusClient(String hostname,
                    String sharedSecret)
             throws RadiusException,
                    InvalidParameterException

Constructor - uses the default port 1812 for authentication and 1813 for accounting

Parameters:

hostname - java.lang.String

sharedSecret - java.lang.String

Throws:

SocketException - If we could not create the necessary socket

NoSuchAlgorithmException - If we could not get an instance of the MD5 algorithm.

InvalidParameterException - If an invalid hostname (null or empty string), an invalid port (port < 0 or port > 65536) or an invalid shared secret (null, shared secret can be empty string) is passed in.

RadiusException

RadiusClient

public RadiusClient(String hostname,
                    int authPort,
                    int acctPort,
                    String sharedSecret)
             throws RadiusException,
                    InvalidParameterException

Constructor allows the user to specify an alternate port for the radius server

Parameters:

hostname - java.lang.String

authPort - int the port to use for authentication requests

acctPort - int the port to use for accounting requests

sharedSecret - java.lang.String

Throws:

SocketException - If we could not create the necessary socket

NoSuchAlgorithmException - If we could not get an instance of the MD5 algorithm.

InvalidParameterException - If an invalid hostname (null or empty string), an invalid port ( port < 0 or port > 65536) or an invalid shared secret (null, shared secret can be empty string) is passed in.

RadiusException

RadiusClient

public RadiusClient(String hostname,
                    int authPort,
                    int acctPort,
                    String sharedSecret,
                    int sockTimeout)
             throws RadiusException,
                    InvalidParameterException

Constructor allows the user to specify an alternate port for the radius server

Parameters:

hostname - java.lang.String

authPort - int the port to use for authentication requests

acctPort - int the port to use for accounting requests

sharedSecret - java.lang.String

timeout - int the timeout to use when waiting for return packets can't be neg and shouldn't be zero

Throws:

RadiusException - If we could not create the necessary socket, If we could not get an instance of the MD5 algorithm, or the hostname did not pass validation

InvalidParameterException - If an invalid hostname (null or empty string), an invalid port ( port < 0 or port > 65536) or an invalid shared secret (null, shared secret can be empty string) is passed in.

RadiusClient

public RadiusClient(String[] hostname,
                    int[] authPort,
                    int[] acctPort,
                    String sharedSecret,
                    int sockTimeout,
                    boolean logging,
                    InetAddress nasAddress)
             throws RadiusException,
                    InvalidParameterException

Constructor allows the user to specify an alternate port for the radius server

Parameters:

hostname - java.lang.String

authPort - int the port to use for authentication requests

acctPort - int the port to use for accounting requests

sharedSecret - java.lang.String

logging - Defines whether logging is enabled or disabled

nasAddress -

timeout - int the timeout to use when waiting for return packets can't be neg and shouldn't be zero

Throws:

RadiusException - If we could not create the necessary socket, If we could not get an instance of the MD5 algorithm, or the hostname did not pass validation

InvalidParameterException - If an invalid hostname (null or empty string), an invalid port ( port < 0 or port > 65536) or an invalid shared secret (null, shared secret can be empty string) is passed in.

Method Detail

authenticate

public RadiusPacket authenticate(RadiusPacket accessRequest)
                          throws RadiusException,
                                 InvalidParameterException

This method performs the job of authenticating the given RadiusPacket against the radius server.

Parameters:

RadiusPacket - containing all of the RadiusAttributes for this request. This RadiusPacket must include the USER_NAME attribute and be of type ACCEES_REQUEST. If the USER_PASSWORD attribute is set it must contain the plaintext bytes, we will encode the plaintext to send to the server with a REVERSIBLE algorithm. We will set the NAS_IDENTIFIER Attribute, so even if it is set in the RadiusPacket we will overwrite it

Returns:

RadiusPacket containing the response attributes for this request

Throws:

RadiusException

InvalidParameterException

authenticate

public RadiusPacket authenticate(RadiusPacket accessRequest,
                                 int retries)
                          throws RadiusException,
                                 InvalidParameterException

This method performs the job of authenticating the given RadiusPacket against the radius server.

Parameters:

RadiusPacket - containing all of the RadiusAttributes for this request. This RadiusPacket must include the USER_NAME attribute and be of type ACCEES_REQUEST. If the USER_PASSWORD attribute is set it must contain the plaintext bytes, we will encode the plaintext to send to the server with a REVERSIBLE algorithm. We will set the NAS_IDENTIFIER Attribute, so even if it is set in the RadiusPacket we will overwrite it

int - retries must be zero or greater, if it is zero default value of 3 will be used

Returns:

RadiusPacket containing the response attributes for this request

Throws:

RadiusException

InvalidParameterException

account

public RadiusPacket account(RadiusPacket requestPacket)
                     throws InvalidParameterException,
                            RadiusException

This method performs the job of sending accounting information for the current user to the radius accounting server.

Parameters:

requestPacket - Any request attributes to add to the accounting packet.

Returns:

RadiusPacket a packet containing the response from the Radius server

Throws:

RadiusException

InvalidParameterException

getHostname

public InetAddress[] getHostname()

Get the host names

Returns:

the host names

getAuthPort

public int[] getAuthPort()

This method returns the current port to be used for authentication

Returns:

int

getAcctPort

public int[] getAcctPort()

This method returns the current port to be used for accounting

Returns:

int

getSharedSecret

protected byte[] getSharedSecret()

This method returns the current secret value that the Radius Client shares with the RADIUS Server.

Returns:

getTimeout

public int getTimeout()

This method returns the current timeout period on a recieve of a response from the RADIUS Server.

Returns:

int

toString

public String toString()

This method returns a string representation of this RadiusClient.

Overrides:

toString in class Object

Returns:

a string representation of this object.

equals

public boolean equals(Object object)

Compares the specified Object with this RadiusClient for equality. Returns true if the given object is also a RadiusClient and the two RadiusClient have the same host, port, sharedSecret & username.

Overrides:

equals in class Object

Parameters:

object - Object to be compared for equality with this RadiusClient.

Returns:

true if the specified Object is equal to this RadiusClient.

hashCode

public int hashCode()

Overrides:

hashCode in class Object

Returns:

int the hashCode for this RadiusClient

closeSocket

protected void closeSocket()

closes the socket

finalize

public void finalize()
              throws Throwable

overrides finalize to close socket and then normal finalize on super class

Overrides:

finalize in class Object

Throws:

Throwable