
Example 1 with Attr_NASIdentifier

Use of net.jradius.dictionary.Attr_NASIdentifier in project cas by apereo, in the class JRadiusServerImpl, method authenticate.

@Override
public RadiusResponse authenticate(final String username, final String password) throws Exception {
    final AttributeList attributeList = new AttributeList();
    attributeList.add(new Attr_UserName(username));
    attributeList.add(new Attr_UserPassword(password));
    if (StringUtils.isNotBlank(this.nasIpAddress)) {
        attributeList.add(new Attr_NASIPAddress(this.nasIpAddress));
    }
    if (StringUtils.isNotBlank(this.nasIpv6Address)) {
        attributeList.add(new Attr_NASIPv6Address(this.nasIpv6Address));
    }
    if (this.nasPort != -1) {
        attributeList.add(new Attr_NASPort(this.nasPort));
    }
    if (this.nasPortId != -1) {
        attributeList.add(new Attr_NASPortId(this.nasPortId));
    }
    if (StringUtils.isNotBlank(this.nasIdentifier)) {
        attributeList.add(new Attr_NASIdentifier(this.nasIdentifier));
    }
    if (this.nasRealPort != -1) {
        attributeList.add(new Attr_NASRealPort(this.nasRealPort));
    }
    if (this.nasPortType != -1) {
        attributeList.add(new Attr_NASPortType(this.nasPortType));
    }
    RadiusClient client = null;
    try {
        client = this.radiusClientFactory.newInstance();
        final AccessRequest request = new AccessRequest(client, attributeList);
        final RadiusPacket response = client.authenticate(request, RadiusClient.getAuthProtocol(this.protocol.getName()), this.retries);
        LOGGER.debug("RADIUS response from [{}]: [{}]", client.getRemoteInetAddress().getCanonicalHostName(), response.getClass().getName());
        if (response instanceof AccessAccept) {
            final List<RadiusAttribute> attributes = response.getAttributes().getAttributeList();
            LOGGER.debug("Radius response code [{}] accepted with attributes [{}] and identifier [{}]", response.getCode(), attributes, response.getIdentifier());
            return new RadiusResponse(response.getCode(), response.getIdentifier(), attributes);
        }
        LOGGER.debug("Response is not recognized");
    } finally {
        if (client != null) {
            client.close();
        }
    }
    return null;
}
Also used : Attr_NASRealPort(net.jradius.dictionary.vsa_redback.Attr_NASRealPort) RadiusClient(net.jradius.client.RadiusClient) AccessRequest(net.jradius.packet.AccessRequest) AttributeList(net.jradius.packet.attribute.AttributeList) Attr_NASPort(net.jradius.dictionary.Attr_NASPort) Attr_NASIPAddress(net.jradius.dictionary.Attr_NASIPAddress) Attr_NASPortId(net.jradius.dictionary.Attr_NASPortId) Attr_UserPassword(net.jradius.dictionary.Attr_UserPassword) Attr_NASPortType(net.jradius.dictionary.Attr_NASPortType) RadiusAttribute(net.jradius.packet.attribute.RadiusAttribute) RadiusPacket(net.jradius.packet.RadiusPacket) Attr_UserName(net.jradius.dictionary.Attr_UserName) Attr_NASIPv6Address(net.jradius.dictionary.Attr_NASIPv6Address) Attr_NASIdentifier(net.jradius.dictionary.Attr_NASIdentifier) AccessAccept(net.jradius.packet.AccessAccept)

Example 2 with Attr_NASIdentifier

Use of net.jradius.dictionary.Attr_NASIdentifier in project opennms by OpenNMS, in the class RadiusAuthMonitor, method poll.

/**
 * {@inheritDoc}
 *
 * Radius Authentication Poller
 *
 * Note that the poller will return SERVICE_AVAILABLE only if the
 * authentication request actually succeeds. A failed authentication
 * request will result in SERVICE_UNAVAILABLE, although the RADIUS
 * server may actually be up.
 * @see org.opennms.netmgt.poller.ServiceMonitor#SERVICE_AVAILABLE
 * @see org.opennms.netmgt.poller.ServiceMonitor#SERVICE_UNAVAILABLE
 * @see org.opennms.netmgt.poller.ServiceMonitor#SERVICE_UNRESPONSIVE
 */
@Override
public PollStatus poll(MonitoredService svc, Map<String, Object> parameters) {
    // Assume that the service is down
    PollStatus status = PollStatus.unavailable();
    if (parameters == null) {
        throw new NullPointerException();
    }
    final TimeoutTracker tracker = new TimeoutTracker(parameters, DEFAULT_RETRY, DEFAULT_TIMEOUT);
    int authport = ParameterMap.getKeyedInteger(parameters, "authport", DEFAULT_AUTH_PORT);
    int acctport = ParameterMap.getKeyedInteger(parameters, "acctport", DEFAULT_ACCT_PORT);
    String user = ParameterMap.getKeyedString(parameters, "user", DEFAULT_USER);
    String password = ParameterMap.getKeyedString(parameters, "password", DEFAULT_PASSWORD);
    String secret = ParameterMap.getKeyedString(parameters, "secret", DEFAULT_SECRET);
    String authType = ParameterMap.getKeyedString(parameters, "authtype", DEFAULT_AUTH_TYPE);
    String nasid = ParameterMap.getKeyedString(parameters, "nasid", DEFAULT_NASID);
    InetAddress addr = svc.getAddress();
    AttributeFactory.loadAttributeDictionary("net.jradius.dictionary.AttributeDictionaryImpl");
    int timeout = convertTimeoutToSeconds(ParameterMap.getKeyedInteger(parameters, "timeout", DEFAULT_TIMEOUT));
    try {
        final RadiusClient rc = new RadiusClient(addr, secret, authport, acctport, timeout);
        for (tracker.reset(); tracker.shouldRetry(); tracker.nextAttempt()) {
            final AttributeList attributes = new AttributeList();
            attributes.add(new Attr_UserName(user));
            attributes.add(new Attr_NASIdentifier(nasid));
            attributes.add(new Attr_UserPassword(password));
            final AccessRequest accessRequest = new AccessRequest(rc, attributes);
            final RadiusAuthenticator auth;
            if (authType.equalsIgnoreCase("chap")) {
                auth = new CHAPAuthenticator();
            } else if (authType.equalsIgnoreCase("pap")) {
                auth = new PAPAuthenticator();
            } else if (authType.equalsIgnoreCase("mschapv1")) {
                auth = new MSCHAPv1Authenticator();
            } else if (authType.equalsIgnoreCase("mschapv2")) {
                auth = new MSCHAPv2Authenticator();
            } else if (authType.equalsIgnoreCase("eapmd5") || authType.equalsIgnoreCase("eap-md5")) {
                auth = new EAPMD5Authenticator();
            } else if (authType.equalsIgnoreCase("eapmschapv2") || authType.equalsIgnoreCase("eap-mschapv2")) {
                auth = new EAPMSCHAPv2Authenticator();
            } else {
                String reason = "Unknown authenticator type '" + authType + "'";
                RadiusAuthMonitor.LOG.debug(reason);
                return PollStatus.unavailable(reason);
            }
            tracker.startAttempt();
            // The retry should be handled by the RadiusClient because otherwise it will throw an exception.
            RadiusPacket reply = rc.authenticate(accessRequest, auth, ParameterMap.getKeyedInteger(parameters, "retry", DEFAULT_RETRY));
            if (reply instanceof AccessAccept) {
                double responseTime = tracker.elapsedTimeInMillis();
                status = PollStatus.available(responseTime);
                LOG.debug("Radius service is AVAILABLE on: {}", addr.getCanonicalHostName());
                LOG.debug("poll: responseTime= {}", responseTime);
                break;
            } else if (reply != null) {
                LOG.debug("response returned, but request was not accepted: {}", reply);
            }
            String reason = "Invalid RADIUS reply: " + reply;
            RadiusAuthMonitor.LOG.debug(reason);
            status = PollStatus.unavailable(reason);
        }
    } catch (final Throwable e) {
        String reason = "Error while attempting to connect to the RADIUS service on " + addr.getCanonicalHostName();
        RadiusAuthMonitor.LOG.debug(reason, e);
        status = PollStatus.unavailable(reason);
    }
    return status;
}
Also used : PollStatus(org.opennms.netmgt.poller.PollStatus) RadiusClient(net.jradius.client.RadiusClient) AccessRequest(net.jradius.packet.AccessRequest) EAPMD5Authenticator(net.jradius.client.auth.EAPMD5Authenticator) AttributeList(net.jradius.packet.attribute.AttributeList) EAPMSCHAPv2Authenticator(net.jradius.client.auth.EAPMSCHAPv2Authenticator) MSCHAPv1Authenticator(net.jradius.client.auth.MSCHAPv1Authenticator) Attr_UserPassword(net.jradius.dictionary.Attr_UserPassword) MSCHAPv2Authenticator(net.jradius.client.auth.MSCHAPv2Authenticator) CHAPAuthenticator(net.jradius.client.auth.CHAPAuthenticator) TimeoutTracker(org.opennms.core.utils.TimeoutTracker) RadiusPacket(net.jradius.packet.RadiusPacket) Attr_UserName(net.jradius.dictionary.Attr_UserName) PAPAuthenticator(net.jradius.client.auth.PAPAuthenticator) InetAddress(java.net.InetAddress) Attr_NASIdentifier(net.jradius.dictionary.Attr_NASIdentifier) RadiusAuthenticator(net.jradius.client.auth.RadiusAuthenticator) AccessAccept(net.jradius.packet.AccessAccept)

Example 3 with Attr_NASIdentifier

Use of net.jradius.dictionary.Attr_NASIdentifier in project opennms by OpenNMS, in the class RadiusAuthDetector, method request.

private static RequestBuilder<AttributeList> request(final String nasID, final String user, final String password) {
    // The password is left out of the log line so debug logs never hold the credential in cleartext.
    LOG.debug("request: nasID = {}, user = {}", nasID, user);
    return new RequestBuilder<AttributeList>() {

        @Override
        public AttributeList getRequest() {
            final AttributeList attributes = new AttributeList();
            attributes.add(new Attr_UserName(user));
            attributes.add(new Attr_NASIdentifier(nasID));
            attributes.add(new Attr_UserPassword(password));
            return attributes;
        }
    };
}
Also used : RequestBuilder(org.opennms.netmgt.provision.support.RequestBuilder) AttributeList(net.jradius.packet.attribute.AttributeList) Attr_UserName(net.jradius.dictionary.Attr_UserName) Attr_UserPassword(net.jradius.dictionary.Attr_UserPassword) Attr_NASIdentifier(net.jradius.dictionary.Attr_NASIdentifier)

Aggregations

Attr_NASIdentifier (net.jradius.dictionary.Attr_NASIdentifier) 3
Attr_UserName (net.jradius.dictionary.Attr_UserName) 3
Attr_UserPassword (net.jradius.dictionary.Attr_UserPassword) 3
AttributeList (net.jradius.packet.attribute.AttributeList) 3
RadiusClient (net.jradius.client.RadiusClient) 2
AccessAccept (net.jradius.packet.AccessAccept) 2
AccessRequest (net.jradius.packet.AccessRequest) 2
RadiusPacket (net.jradius.packet.RadiusPacket) 2
InetAddress (java.net.InetAddress) 1
CHAPAuthenticator (net.jradius.client.auth.CHAPAuthenticator) 1
EAPMD5Authenticator (net.jradius.client.auth.EAPMD5Authenticator) 1
EAPMSCHAPv2Authenticator (net.jradius.client.auth.EAPMSCHAPv2Authenticator) 1
MSCHAPv1Authenticator (net.jradius.client.auth.MSCHAPv1Authenticator) 1
MSCHAPv2Authenticator (net.jradius.client.auth.MSCHAPv2Authenticator) 1
PAPAuthenticator (net.jradius.client.auth.PAPAuthenticator) 1
RadiusAuthenticator (net.jradius.client.auth.RadiusAuthenticator) 1
Attr_NASIPAddress (net.jradius.dictionary.Attr_NASIPAddress) 1
Attr_NASIPv6Address (net.jradius.dictionary.Attr_NASIPv6Address) 1
Attr_NASPort (net.jradius.dictionary.Attr_NASPort) 1
Attr_NASPortId (net.jradius.dictionary.Attr_NASPortId) 1