
Example 1 with CasRadiusResponse

use of org.apereo.cas.adaptors.radius.CasRadiusResponse in project cas by apereo.

the class AbstractRadiusServer method authenticate.

/**
 * Builds a RADIUS Access-Request from the supplied credentials, the current client
 * address, the optional challenge state and the configured NAS settings, sends it,
 * and converts the reply.
 *
 * <p>A non-null result does NOT by itself mean the user is authenticated: both
 * Access-Accept and Access-Challenge replies yield a {@link CasRadiusResponse}.
 * Callers have to inspect the response code carried in the result before granting
 * access.
 *
 * @param username user name; omitted from the request when blank
 * @param password user password; omitted from the request when blank
 * @param state    optional state value echoed back to the server; its content must be
 *                 {@link Serializable}, otherwise the cast throws {@link ClassCastException}
 * @return the converted reply for Access-Accept / Access-Challenge, or {@code null}
 *         for any other reply type
 * @throws Exception propagated from building or sending the request
 */
@Override
public final CasRadiusResponse authenticate(final String username, final String password, final Optional state) throws Exception {
    val requestAttributes = new AttributeList();

    // Blank credentials are skipped rather than rejected: the request is still sent,
    // just without the corresponding attribute, and the server decides the outcome.
    if (StringUtils.isNotBlank(username)) {
        requestAttributes.add(new Attr_UserName(username));
    }
    if (StringUtils.isNotBlank(password)) {
        requestAttributes.add(new Attr_UserPassword(password));
    }

    // NOTE(review): how ClientInfoHolder derives the address is not visible here. If
    // server-side policy keys off this attribute, confirm it cannot be client-supplied.
    val requestOrigin = ClientInfoHolder.getClientInfo();
    if (requestOrigin != null) {
        val clientIpAttribute = new Attr_ClientIPAddress(requestOrigin.getClientIpAddress());
        LOGGER.debug("Adding client IP address attribute [{}]", clientIpAttribute);
        requestAttributes.add(clientIpAttribute);
    }

    state.ifPresent(stateValue -> requestAttributes.add(new Attr_State(Serializable.class.cast(stateValue))));

    // NAS attributes are optional: blank strings and -1 mean "not configured".
    val nasIpAddress = configurationContext.getNasIpAddress();
    if (StringUtils.isNotBlank(nasIpAddress)) {
        requestAttributes.add(new Attr_NASIPAddress(nasIpAddress));
    }
    val nasIpv6Address = configurationContext.getNasIpv6Address();
    if (StringUtils.isNotBlank(nasIpv6Address)) {
        requestAttributes.add(new Attr_NASIPv6Address(nasIpv6Address));
    }
    val nasPort = configurationContext.getNasPort();
    if (nasPort != -1) {
        requestAttributes.add(new Attr_NASPort(nasPort));
    }
    val nasPortId = configurationContext.getNasPortId();
    if (nasPortId != -1) {
        requestAttributes.add(new Attr_NASPortId(nasPortId));
    }
    val nasIdentifier = configurationContext.getNasIdentifier();
    if (StringUtils.isNotBlank(nasIdentifier)) {
        requestAttributes.add(new Attr_NASIdentifier(nasIdentifier));
    }
    val nasRealPort = configurationContext.getNasRealPort();
    if (nasRealPort != -1) {
        requestAttributes.add(new Attr_NASRealPort(nasRealPort));
    }
    val nasPortType = configurationContext.getNasPortType();
    if (nasPortType != -1) {
        requestAttributes.add(new Attr_NASPortType(nasPortType));
    }

    val radiusClient = configurationContext.getRadiusClientFactory().newInstance();
    try {
        val accessRequest = new AccessRequest(radiusClient, requestAttributes);
        // NOTE(review): the dumped request carries the User-Password attribute added
        // above. Confirm the library masks its value in this rendering before DEBUG
        // logging is enabled anywhere logs are retained or shipped.
        LOGGER.debug("RADIUS access request prepared as [{}]", accessRequest.toString(true, true));

        val reply = authenticateRequest(radiusClient, accessRequest);
        // NOTE(review): reply attributes are logged in full here and below; they may
        // include session-related values such as State - treat DEBUG output as sensitive.
        LOGGER.debug("RADIUS response from [{}]: [{}] as [{}]", radiusClient.getRemoteInetAddress().getCanonicalHostName(), reply.getClass().getName(), reply.toString(true, true));

        final boolean recognized = reply instanceof AccessAccept || reply instanceof AccessChallenge;
        if (!recognized) {
            // Anything other than accept/challenge (e.g. a reject) is reported as null.
            LOGGER.warn("Response [{}] is not recognized", reply);
            return null;
        }

        val replyAttributes = reply.getAttributes().getAttributeList();
        LOGGER.debug("Radius response code [{}] accepted with attributes [{}] and identifier [{}]", reply.getCode(), replyAttributes, reply.getIdentifier());
        return new CasRadiusResponse(reply.getCode(), reply.getIdentifier(), replyAttributes);
    } finally {
        // Always release the client, whether the exchange succeeded or threw.
        if (radiusClient != null) {
            radiusClient.close();
        }
    }
}
Also used : lombok.val(lombok.val) Serializable(java.io.Serializable) Attr_NASRealPort(net.jradius.dictionary.vsa_redback.Attr_NASRealPort) CasRadiusResponse(org.apereo.cas.adaptors.radius.CasRadiusResponse) AccessRequest(net.jradius.packet.AccessRequest) AttributeList(net.jradius.packet.attribute.AttributeList) Attr_NASPort(net.jradius.dictionary.Attr_NASPort) Attr_NASIPAddress(net.jradius.dictionary.Attr_NASIPAddress) Attr_ClientIPAddress(net.jradius.dictionary.Attr_ClientIPAddress) Attr_NASPortId(net.jradius.dictionary.Attr_NASPortId) Attr_UserPassword(net.jradius.dictionary.Attr_UserPassword) Attr_NASPortType(net.jradius.dictionary.Attr_NASPortType) Attr_UserName(net.jradius.dictionary.Attr_UserName) Attr_NASIPv6Address(net.jradius.dictionary.Attr_NASIPv6Address) Attr_State(net.jradius.dictionary.Attr_State) AccessChallenge(net.jradius.packet.AccessChallenge) Attr_NASIdentifier(net.jradius.dictionary.Attr_NASIdentifier) AccessAccept(net.jradius.packet.AccessAccept)
