use of net.jradius.client.auth.MSCHAPv2Authenticator in project opennms by OpenNMS.
the class RadiusAuthDetector method getAuthenticator.
public RadiusAuthenticator getAuthenticator() {
final RadiusAuthenticator auth;
final String authType = getAuthType();
if (authType.equalsIgnoreCase("chap")) {
auth = new CHAPAuthenticator();
} else if (authType.equalsIgnoreCase("pap")) {
auth = new PAPAuthenticator();
} else if (authType.equalsIgnoreCase("mschapv1")) {
auth = new MSCHAPv1Authenticator();
} else if (authType.equalsIgnoreCase("mschapv2")) {
auth = new MSCHAPv2Authenticator();
} else if (authType.equalsIgnoreCase("eapmd5") || authType.equalsIgnoreCase("eap-md5")) {
auth = new EAPMD5Authenticator();
} else if (authType.equalsIgnoreCase("eapmschapv2") || authType.equalsIgnoreCase("eap-mschapv2")) {
auth = new EAPMSCHAPv2Authenticator();
} else {
auth = null;
}
return auth;
}
use of net.jradius.client.auth.MSCHAPv2Authenticator in project opennms by OpenNMS.
the class RadiusAuthMonitor method poll.
/**
* {@inheritDoc}
*
* Radius Authentication Poller
*
* Note that the poller will return SERVICE_AVAILABLE only if the
* authentication Request actually succeeds. A failed authentication
* request will result in SERVICE_UNAVILABLE, although the radius
* server may actually be up.
* @see org.opennms.netmgt.poller.ServiceMonitor#SERVICE_AVAILABLE
* @see org.opennms.netmgt.poller.ServiceMonitor#SERVICE_UNAVAILABLE
* @see org.opennms.netmgt.poller.ServiceMonitor#SERVICE_UNRESPONSIVE
* @see org.opennms.netmgt.poller.ServiceMonitor#SERVICE_AVAILABLE
* @see org.opennms.netmgt.poller.ServiceMonitor#SERVICE_UNAVAILABLE
* @see org.opennms.netmgt.poller.ServiceMonitor#SERVICE_UNRESPONSIVE
* @see org.opennms.netmgt.poller.ServiceMonitor#SERVICE_AVAILABLE
* @see org.opennms.netmgt.poller.ServiceMonitor#SERVICE_UNAVAILABLE
* @see org.opennms.netmgt.poller.ServiceMonitor#SERVICE_UNRESPONSIVE
*/
@Override
public PollStatus poll(MonitoredService svc, Map<String, Object> parameters) {
// Assume that the service is down
PollStatus status = PollStatus.unavailable();
if (parameters == null) {
throw new NullPointerException();
}
final TimeoutTracker tracker = new TimeoutTracker(parameters, DEFAULT_RETRY, DEFAULT_TIMEOUT);
int authport = ParameterMap.getKeyedInteger(parameters, "authport", DEFAULT_AUTH_PORT);
int acctport = ParameterMap.getKeyedInteger(parameters, "acctport", DEFAULT_ACCT_PORT);
String user = ParameterMap.getKeyedString(parameters, "user", DEFAULT_USER);
String password = ParameterMap.getKeyedString(parameters, "password", DEFAULT_PASSWORD);
String secret = ParameterMap.getKeyedString(parameters, "secret", DEFAULT_SECRET);
String authType = ParameterMap.getKeyedString(parameters, "authtype", DEFAULT_AUTH_TYPE);
String nasid = ParameterMap.getKeyedString(parameters, "nasid", DEFAULT_NASID);
InetAddress addr = svc.getAddress();
AttributeFactory.loadAttributeDictionary("net.jradius.dictionary.AttributeDictionaryImpl");
int timeout = convertTimeoutToSeconds(ParameterMap.getKeyedInteger(parameters, "timeout", DEFAULT_TIMEOUT));
try {
final RadiusClient rc = new RadiusClient(addr, secret, authport, acctport, timeout);
for (tracker.reset(); tracker.shouldRetry(); tracker.nextAttempt()) {
final AttributeList attributes = new AttributeList();
attributes.add(new Attr_UserName(user));
attributes.add(new Attr_NASIdentifier(nasid));
attributes.add(new Attr_UserPassword(password));
final AccessRequest accessRequest = new AccessRequest(rc, attributes);
final RadiusAuthenticator auth;
if (authType.equalsIgnoreCase("chap")) {
auth = new CHAPAuthenticator();
} else if (authType.equalsIgnoreCase("pap")) {
auth = new PAPAuthenticator();
} else if (authType.equalsIgnoreCase("mschapv1")) {
auth = new MSCHAPv1Authenticator();
} else if (authType.equalsIgnoreCase("mschapv2")) {
auth = new MSCHAPv2Authenticator();
} else if (authType.equalsIgnoreCase("eapmd5") || authType.equalsIgnoreCase("eap-md5")) {
auth = new EAPMD5Authenticator();
} else if (authType.equalsIgnoreCase("eapmschapv2") || authType.equalsIgnoreCase("eap-mschapv2")) {
auth = new EAPMSCHAPv2Authenticator();
} else {
String reason = "Unknown authenticator type '" + authType + "'";
RadiusAuthMonitor.LOG.debug(reason);
return PollStatus.unavailable(reason);
}
tracker.startAttempt();
// The retry should be handled by the RadiusClient because otherwise it will thrown an exception.
RadiusPacket reply = rc.authenticate(accessRequest, auth, ParameterMap.getKeyedInteger(parameters, "retry", DEFAULT_RETRY));
if (reply instanceof AccessAccept) {
double responseTime = tracker.elapsedTimeInMillis();
status = PollStatus.available(responseTime);
LOG.debug("Radius service is AVAILABLE on: {}", addr.getCanonicalHostName());
LOG.debug("poll: responseTime= {}", responseTime);
break;
} else if (reply != null) {
LOG.debug("response returned, but request was not accepted: {}", reply);
}
String reason = "Invalid RADIUS reply: " + reply;
RadiusAuthMonitor.LOG.debug(reason);
status = PollStatus.unavailable(reason);
}
} catch (final Throwable e) {
String reason = "Error while attempting to connect to the RADIUS service on " + addr.getCanonicalHostName();
RadiusAuthMonitor.LOG.debug(reason, e);
status = PollStatus.unavailable(reason);
}
return status;
}
Aggregations