Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

net.sourceforge.jradiusclient
Class RadiusClient

java.lang.Object
  |
  +--net.sourceforge.jradiusclient.RadiusClient
All Implemented Interfaces:
RadiusValues
public class RadiusClient
extends java.lang.Object
implements RadiusValues

This class provides basic functionality required to implement a NAS as defined by the RADIUS protocol as specified in RFC 2865 and RFC 2866. This implementation is stateless and not thread safe, i.e. since the user name could be changed by the current thread or any other thread, it is difficult to ensure that the responseAttributes correlate to the request we think we are dealing with. It is up to the user of this class to ensure these things at this point. A future release may change this class to a stateful, threadsafe object, but it works for now. Users of this class must also manage building their own request attributes and submitting them with their call to authenticate. For example a programmer using this library, wanting to do chap authentication needs to generate the random challenge, send it to the user, who generates the MD5 of

(see RFC 2865 section 2.2) The user software returns the CHAP Identifier and the MD5 result and the programmer using RadiusClient sets that as the CHAP Password. The programmer also sets the CHAP-Challenge attribute and sends that to the Radius Server for authentication.
Special Thanks to the original creator of the "RadiusClient" August Mueller http://augiesoft.com/java/radius/ and to Aziz Abouchi for laying the groundwork for the development of this class.

Version:
$Revision: 1.24 $
Author:
Robert J. Loihl

Field Summary
 
Fields inherited from interface net.sourceforge.jradiusclient.RadiusValues
ACCESS_ACCEPT, ACCESS_CHALLENGE, ACCESS_REJECT, ACCESS_REQUEST, ACCOUNTING_MESSAGE, ACCOUNTING_REQUEST, ACCOUNTING_RESPONSE, ACCOUNTING_STATUS, ACCT_AUTHENTIC, ACCT_DELAY_TIME, ACCT_INPUT_GIGAWORDS, ACCT_INPUT_OCTETS, ACCT_INPUT_PACKETS, ACCT_INTERIM_INTERVAL, ACCT_LINK_COUNT, ACCT_MULTI_SESSION_ID, ACCT_OUTPUT_GIGAWORDS, ACCT_OUTPUT_OCTETS, ACCT_OUTPUT_PACKETS, ACCT_SESSION_ID, ACCT_SESSION_TIME, ACCT_STATUS_TYPE, ACCT_TERMINATE_CAUSE, ADMINISTRATIVE, ADSL_CAP, ADSL_DMT, ARAP, ARAP_CHALLENGE_RESPONSE, ARAP_FEATURES, ARAP_PASSWORD, ARAP_SECURITY, ARAP_SECURITY_DATA, ARAP_ZONE_ACCESS, ASYNC, AUTHENTICATE_ONLY, BROADCAST, BROADCAST_LISTEN, CABLE, Call_CHECK, CALLBACK_ADMINISTRATIVE, CALLBACK_FRAMED, CALLBACK_ID, CALLBACK_LOGIN, CALLBACK_NAS_PROMPT, CALLBACK_NUMBER, CALLED_STATION_ID, CALLING_STATION_ID, CHAP_CHALLENGE, CHAP_PASSWORD, CLASS, CONFIGURATION_TOKEN, CONNECT_INFO, DEFAULT, DIGEST_ATTRIBUTE, DIGEST_RESPONSE, EAP_MESSAGE, EMPTYSTRING, ETHERNET, EVENT_TIMESTAMP, FILTER_ID, FRAMED, FRAMED_APPLETALK_LINK, FRAMED_APPLETALK_NETWORK, FRAMED_APPLETALK_ZONE, FRAMED_COMPRESSION, FRAMED_IP_ADDRESS, FRAMED_IP_NETMASK, FRAMED_IPX_NETWORK, FRAMED_MTU, FRAMED_POOL, FRAMED_PROTOCOL, FRAMED_ROUTE, FRAMED_ROUTING, G3_FAX, GANDALF_SLML, HDLC_CLEAR_CHANNEL, IDLE_TIMEOUT, IDSL, IPX_HEADER_COMPRESSION, ISDN_ASYNC_V110, ISDN_ASYNC_V120, ISDN_SYNC, LAT, LISTEN, LOGIN, LOGIN_IP_HOST, LOGIN_LAT_GROUP, LOGIN_LAT_NODE, LOGIN_LAT_PORT, LOGIN_LAT_SERVICE, LOGIN_SERVICE, LOGIN_TCP_PORT, MAX_PACKET_LENGTH, MESSAGE_AUTHENTICATOR, MIN_PACKET_LENGTH, NAS_IDENTIFIER, NAS_IP_ADDRESS, NAS_PORT, NAS_PORT_ID, NAS_PORT_TYPE, NAS_PROMPT, NONE, OUTBOUND, PASSWORD_ACCEPT, PASSWORD_REJECT, PASSWORD_REQUEST, PASSWORD_RETRY, PIAFS, PORT_LIMIT, PORTMASTER, PPP, PROMPT, PROXY_STATE, RADIUS_HEADER_LENGTH, RADIUS_REQUEST, REPLY_MESSAGE, RESERVED, RLOGIN, SDSL, SERVICE_TYPE, SESSION_TIMEOUT, SIP_ALGORITHM, SIP_BODY_DIGEST, SIP_CNONCE, SIP_METHOD, SIP_NONCE, SIP_NONCE_COUNT, SIP_QOP, SIP_REALM, SIP_URI, SIP_USER_NAME, SLIP, STAC_LZS_COMPRESSION, STATE, STATUS_CLIENT, STATUS_SERVER, SYNC, TCP_CLEAR, TCP_CLEAR_QUIET, TELNET, TERMINATION_ACTION, USER_NAME, USER_PASSWORD, VENDOR_SPECIFIC, VIRTUAL, VJ_TCP_IP_HEADER_COMPRESSION, WIRELESS_IEEE_802_11, WIRELESS_OTHER, X25, X25_PAD, X25_T3POS, X75, X75_SYNCHRONOUS, XDSL, XYLOGICS_PROPRIETARY_IPX_SLIP
 
Constructor Summary
RadiusClient(java.lang.String hostname, int authPort, int acctPort, java.lang.String sharedSecret, java.lang.String userName)
          Constructor allows the user to specify an alternate port for the radius server
RadiusClient(java.lang.String hostname, int authPort, int acctPort, java.lang.String sharedSecret, java.lang.String userName, int sockTimeout)
          Constructor allows the user to specify an alternate port for the radius server
RadiusClient(java.lang.String hostname, java.lang.String sharedSecret, java.lang.String userName)
          Constructor - uses the default port 1812 for authentication and 1813 for accounting
 
Method Summary
 int authenticate(java.lang.String userPass)
          This method performs the job of authenticating the specified user against the radius server.
 int authenticate(java.lang.String userPass, java.io.ByteArrayOutputStream requestAttributes)
          This method performs the job of authenticating the specified user against the radius server.
 int authenticate(java.lang.String userPass, java.io.ByteArrayOutputStream requestAttributes, int retries)
          This method performs the job of authenticating the specified user against the radius server.
protected  void closeSocket()
          closes the socket
 boolean disableAccounting(java.lang.String sessionID)
           
 boolean disableAccounting(java.lang.String sessionID, java.io.ByteArrayOutputStream requestAttributes)
           
 boolean enableAccounting(java.lang.String sessionID)
           
 boolean enableAccounting(java.lang.String sessionID, java.io.ByteArrayOutputStream requestAttributes)
           
 boolean equals(java.lang.Object object)
          Compares the specified Object with this RadiusClient for equality.
 void finalize()
          overrides finalize to close socket and then normal finalize on super class
 int getAcctPort()
          This method returns the current port to be used for accounting
 int getAuthPort()
          This method returns the current port to be used for authentication
 java.lang.String getChallengeMessage()
          This method extracts the Challenge message returned by a RADIUS Server and supplies it to the user, who should them use it to build a new password and re-authenticate.
 java.lang.String getFramedIPAddress()
          This method extracts the Framed IP Address returned by a RADIUS Server
 java.lang.String getHostname()
          This method returns the current Host Name to be used for RADIUS authentication or accounting
 java.lang.String getReplyMessage()
          This method extracts the reply message returned by a RADIUS Server and supplies it to the user, who should them use it to build a new password and re-authenticate.
 java.lang.Integer getSessionTimeout()
          This method extracts the SessionTimeout returned by a RADIUS Server
 java.lang.String getSharedSecret()
          This method returns the current secret value that the Radius Client shares with the RADIUS Server.
 int getTimeout()
          This method returns the current timeout period on a recieve of a response from the RADIUS Server.
 java.lang.String getUserName()
          This method returns the current user name to be used for authentication
 int hashCode()
           
 void setAcctPort(int port)
          This method sets the port to be used for accounting
 void setAuthPort(int port)
          This method sets the port to be used for authentication
 void setUserAttribute(int type, byte[] attribute, java.io.ByteArrayOutputStream requestAttributes)
          This method is used to set a byte array attribute in a Request Attributes ByteArrayOutputStream that can be passed in to the authenticate method.
 void setUserName(java.lang.String username)
          This method sets the user name to be used for authentication
 void setUserSubAttribute(int type, int subType, byte[] attribute, java.io.ByteArrayOutputStream requestAttributes)
          This method is used to set a byte array attribute in a Request Attributes ByteArrayOutputStream that can be passed in to the authenticate method.
 boolean startAccounting(java.lang.String sessionID)
           
 boolean startAccounting(java.lang.String sessionID, java.io.ByteArrayOutputStream requestAttributes)
           
 boolean stopAccounting(java.lang.String sessionID)
           
 boolean stopAccounting(java.lang.String sessionID, java.io.ByteArrayOutputStream requestAttributes)
           
 java.lang.String toString()
          This method returns a string representation of this RadiusClient.
 boolean updateAccounting(java.lang.String sessionID)
           
 boolean updateAccounting(java.lang.String sessionID, java.io.ByteArrayOutputStream requestAttributes)
           
 
Methods inherited from class java.lang.Object
clone, getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

RadiusClient

public RadiusClient(java.lang.String hostname,
                    java.lang.String sharedSecret,
                    java.lang.String userName)
             throws java.net.SocketException,
                    java.security.NoSuchAlgorithmException,
                    InvalidParameterException
Constructor - uses the default port 1812 for authentication and 1813 for accounting

Parameters:
hostname - java.lang.String
sharedSecret - java.lang.String
userName - java.lang.String
Throws:
java.net.SocketException - If we could not create the necessary socket
java.security.NoSuchAlgorithmException - If we could not get an instance of the MD5 algorithm.
InvalidParameterException - If an invalid hostname (null or empty string), an invalid port (port < 0 or port > 65536) or an invalid shared secret (null, shared secret can be empty string) is passed in.

RadiusClient

public RadiusClient(java.lang.String hostname,
                    int authPort,
                    int acctPort,
                    java.lang.String sharedSecret,
                    java.lang.String userName)
             throws java.net.SocketException,
                    java.security.NoSuchAlgorithmException,
                    InvalidParameterException
Constructor allows the user to specify an alternate port for the radius server

Parameters:
hostname - java.lang.String
authPort - int the port to use for authentication requests
acctPort - int the port to use for accounting requests
sharedSecret - java.lang.String
userName - java.lang.String
Throws:
java.net.SocketException - If we could not create the necessary socket
java.security.NoSuchAlgorithmException - If we could not get an instance of the MD5 algorithm.
InvalidParameterException - If an invalid hostname (null or empty string), an invalid port ( port < 0 or port > 65536) or an invalid shared secret (null, shared secret can be empty string) is passed in.

RadiusClient

public RadiusClient(java.lang.String hostname,
                    int authPort,
                    int acctPort,
                    java.lang.String sharedSecret,
                    java.lang.String userName,
                    int sockTimeout)
             throws java.net.SocketException,
                    java.security.NoSuchAlgorithmException,
                    InvalidParameterException
Constructor allows the user to specify an alternate port for the radius server

Parameters:
hostname - java.lang.String
authPort - int the port to use for authentication requests
acctPort - int the port to use for accounting requests
sharedSecret - java.lang.String
userName - java.lang.String
Throws:
java.net.SocketException - If we could not create the necessary socket
java.security.NoSuchAlgorithmException - If we could not get an instance of the MD5 algorithm.
InvalidParameterException - If an invalid hostname (null or empty string), an invalid port ( port < 0 or port > 65536) or an invalid shared secret (null, shared secret can be empty string) is passed in.
Method Detail

authenticate

public int authenticate(java.lang.String userPass)
                 throws java.io.IOException,
                        java.net.UnknownHostException,
                        RadiusException,
                        InvalidParameterException
This method performs the job of authenticating the specified user against the radius server.

Parameters:
userPass - java.lang.String
Returns:
int Will be one of three possible values RadiusClient.ACCESS_ACCEPT, RadiusClient.ACCESS_REJECT or RadiusClient.ACCESS_CHALLENGE
Throws:
java.io.IOException
java.net.UnknownHostException
RadiusException
InvalidParameterException

authenticate

public int authenticate(java.lang.String userPass,
                        java.io.ByteArrayOutputStream requestAttributes)
                 throws java.io.IOException,
                        java.net.UnknownHostException,
                        RadiusException,
                        InvalidParameterException
This method performs the job of authenticating the specified user against the radius server.

Parameters:
userPass - java.lang.String
requestAttributes - ByteArrayOutputStream
Returns:
int Will be one of three possible values RadiusClient.ACCESS_ACCEPT, RadiusClient.ACCESS_REJECT or RadiusClient.ACCESS_CHALLENGE
Throws:
java.io.IOException
java.net.UnknownHostException
RadiusException
InvalidParameterException

authenticate

public int authenticate(java.lang.String userPass,
                        java.io.ByteArrayOutputStream requestAttributes,
                        int retries)
                 throws java.io.IOException,
                        java.net.UnknownHostException,
                        RadiusException,
                        InvalidParameterException
This method performs the job of authenticating the specified user against the radius server.

Parameters:
userPass - java.lang.String plaintext userPass to be encrypted using PAP algorithm
requestAttributes - ByteArrayOutputStream
Returns:
int Will be one of three possible values RadiusClient.ACCESS_ACCEPT, RadiusClient.ACCESS_REJECT or RadiusClient.ACCESS_CHALLENGE
Throws:
java.io.IOException
java.net.UnknownHostException
RadiusException
InvalidParameterException

startAccounting

public boolean startAccounting(java.lang.String sessionID)
                        throws java.io.IOException,
                               java.net.UnknownHostException
Returns:
boolean Whether or not this accounting request was successfull
Throws:
java.io.IOException
java.net.UnknownHostException

updateAccounting

public boolean updateAccounting(java.lang.String sessionID)
                         throws java.io.IOException,
                                java.net.UnknownHostException
Returns:
boolean Whether or not this accounting request was successfull
Throws:
java.io.IOException
java.net.UnknownHostException

stopAccounting

public boolean stopAccounting(java.lang.String sessionID)
                       throws java.io.IOException,
                              java.net.UnknownHostException
Returns:
boolean Whether or not this accounting request was successfull
Throws:
java.io.IOException
java.net.UnknownHostException

enableAccounting

public boolean enableAccounting(java.lang.String sessionID)
                         throws java.io.IOException,
                                java.net.UnknownHostException
Returns:
boolean Whether or not this accounting request was successfull
Throws:
java.io.IOException
java.net.UnknownHostException

disableAccounting

public boolean disableAccounting(java.lang.String sessionID)
                          throws java.io.IOException,
                                 java.net.UnknownHostException
Returns:
boolean Whether or not this accounting request was successfull
Throws:
java.io.IOException
java.net.UnknownHostException

startAccounting

public boolean startAccounting(java.lang.String sessionID,
                               java.io.ByteArrayOutputStream requestAttributes)
                        throws java.io.IOException,
                               java.net.UnknownHostException
Parameters:
sessionID - the session identifier we are accounting against for this user
requestAttributes - Any additional attributes you might require to add to the accounting packet. (J.B. 25/08/2003)
Returns:
boolean Whether or not this accounting request was successfull
Throws:
java.io.IOException
java.net.UnknownHostException

updateAccounting

public boolean updateAccounting(java.lang.String sessionID,
                                java.io.ByteArrayOutputStream requestAttributes)
                         throws java.io.IOException,
                                java.net.UnknownHostException
Parameters:
sessionID - the session identifier we are accounting against for this user
requestAttributes - Any additional attributes you might require to add to the accounting packet. (J.B. 25/08/2003)
Returns:
boolean Whether or not this accounting request was successfull
Throws:
java.io.IOException
java.net.UnknownHostException

stopAccounting

public boolean stopAccounting(java.lang.String sessionID,
                              java.io.ByteArrayOutputStream requestAttributes)
                       throws java.io.IOException,
                              java.net.UnknownHostException
Parameters:
sessionID - the session identifier we are accounting against for this user
requestAttributes - Any additional attributes you might require to add to the accounting packet. (J.B. 25/08/2003)
Returns:
boolean Whether or not this accounting request was successfull
Throws:
java.io.IOException
java.net.UnknownHostException

enableAccounting

public boolean enableAccounting(java.lang.String sessionID,
                                java.io.ByteArrayOutputStream requestAttributes)
                         throws java.io.IOException,
                                java.net.UnknownHostException
Parameters:
sessionID - the session identifier we are accounting against for this user
Returns:
boolean Whether or not this accounting request was successfull
Throws:
java.io.IOException
java.net.UnknownHostException

disableAccounting

public boolean disableAccounting(java.lang.String sessionID,
                                 java.io.ByteArrayOutputStream requestAttributes)
                          throws java.io.IOException,
                                 java.net.UnknownHostException
Parameters:
sessionID - the session identifier we are accounting against for this user
Returns:
boolean Whether or not this accounting request was successfull
Throws:
java.io.IOException
java.net.UnknownHostException

getHostname

public java.lang.String getHostname()
This method returns the current Host Name to be used for RADIUS authentication or accounting

Returns:
java.lang.String The name of the host the radius server is running on. Can be either the name or the dotted-quad IP address

getAuthPort

public int getAuthPort()
This method returns the current port to be used for authentication

Returns:
int

setAuthPort

public void setAuthPort(int port)
                 throws InvalidParameterException
This method sets the port to be used for authentication

Parameters:
port - int
Throws:
InvalidParameterException - If the port is less than 0 or greater than 65535

getAcctPort

public int getAcctPort()
This method returns the current port to be used for accounting

Returns:
int

setAcctPort

public void setAcctPort(int port)
                 throws InvalidParameterException
This method sets the port to be used for accounting

Parameters:
port - int
Throws:
InvalidParameterException - If the port is less than 0 or greater than 65535

getUserName

public java.lang.String getUserName()
This method returns the current user name to be used for authentication

Returns:
java.lang.String

setUserName

public void setUserName(java.lang.String username)
                 throws InvalidParameterException
This method sets the user name to be used for authentication

Throws:
InvalidParameterException - If the username is null, empty or all blanks

getSharedSecret

public java.lang.String getSharedSecret()
This method returns the current secret value that the Radius Client shares with the RADIUS Server.

Returns:
java.lang.String

getTimeout

public int getTimeout()
This method returns the current timeout period on a recieve of a response from the RADIUS Server.

Returns:
int

getReplyMessage

public java.lang.String getReplyMessage()
                                 throws RadiusException
This method extracts the reply message returned by a RADIUS Server and supplies it to the user, who should them use it to build a new password and re-authenticate.

Returns:
java.lang.String the challenge message to display to the user
Throws:
RadiusException

getChallengeMessage

public java.lang.String getChallengeMessage()
                                     throws RadiusException
This method extracts the Challenge message returned by a RADIUS Server and supplies it to the user, who should them use it to build a new password and re-authenticate.

Returns:
java.lang.String the challenge message to display to the user
Throws:
RadiusException

getSessionTimeout

public java.lang.Integer getSessionTimeout()
                                    throws RadiusException
This method extracts the SessionTimeout returned by a RADIUS Server

Returns:
java.lang.Integer the session timeout for the user
Throws:
RadiusException

getFramedIPAddress

public java.lang.String getFramedIPAddress()
                                    throws RadiusException
This method extracts the Framed IP Address returned by a RADIUS Server

Returns:
java.lang.String the Framed Ip Address
Throws:
RadiusException

setUserAttribute

public void setUserAttribute(int type,
                             byte[] attribute,
                             java.io.ByteArrayOutputStream requestAttributes)
                      throws InvalidParameterException
This method is used to set a byte array attribute in a Request Attributes ByteArrayOutputStream that can be passed in to the authenticate method. Things that CANNOT/SHOULD NOT be set here are the If you attempt to set one you will get an InvalidParameterException

Parameters:
type - int attribute type
attribute - byte[] the actual attribute byte array
requestAttributes - ByteArrayOutputStream the ByteArrayOutputStreamto write the attribute to
Throws:
InvalidParameterException

setUserSubAttribute

public void setUserSubAttribute(int type,
                                int subType,
                                byte[] attribute,
                                java.io.ByteArrayOutputStream requestAttributes)
                         throws InvalidParameterException
This method is used to set a byte array attribute in a Request Attributes ByteArrayOutputStream that can be passed in to the authenticate method. Things that CANNOT/SHOULD NOT be set here are the If you attempt to set one you will get an InvalidParameterException

Parameters:
type - int attribute type
subType - int sub attribute type
attribute - byte[] the actual attribute byte array
requestAttributes - ByteArrayOutputStream the ByteArrayOutputStreamto write the attribute to
Throws:
InvalidParameterException - author kay michael koehler koehler@remwave.com, koehler@buddy4mac.com, koehler@econo.de

toString

public java.lang.String toString()
This method returns a string representation of this RadiusClient.

Overrides:
toString in class java.lang.Object
Returns:
a string representation of this object.

equals

public boolean equals(java.lang.Object object)
Compares the specified Object with this RadiusClient for equality. Returns true if the given object is also a RadiusClient and the two RadiusClient have the same host, port, sharedSecret & username.

Overrides:
equals in class java.lang.Object
Parameters:
object - Object to be compared for equality with this RadiusClient.
Returns:
true if the specified Object is equal to this RadiusClient.

hashCode

public int hashCode()
Overrides:
hashCode in class java.lang.Object
Returns:
int the hashCode for this RadiusClient

closeSocket

protected void closeSocket()
closes the socket

finalize

public void finalize()
              throws java.lang.Throwable
overrides finalize to close socket and then normal finalize on super class

Overrides:
finalize in class java.lang.Object
java.lang.Throwable
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD