
Example 6 with Packet

use of org.forgerock.openam.radius.common.Packet in project OpenAM by OpenRock.

the class RadiusRequestHandler method run.

/**
 * Handles one received RADIUS datagram end to end: obtains a packet from the raw buffer, turns it into an
 * access request, lets the client's configured handler build the response, and sends that response.
 * <p>
 * Fails closed: any exception escaping the processing steps is logged and answered through
 * {@code sendAccessReject}, so an unexpected failure is never left unanswered or treated as success.
 */
@Override
public void run() {
    try {
        LOG.message("Entering RadiusRequestHandler.run();");

        final Packet requestPacket = getValidPacket(buffer);
        if (requestPacket == null) {
            // Nothing usable was received; the request is dropped without a reply.
            LOG.message("Leaving RadiusRequestHandler.run(); no requestPacket");
            return;
        }

        // The identifier and request authenticator are kept on the context because the response handler
        // needs them at send time.
        requestContext.setRequestId(requestPacket.getIdentifier());
        requestContext.setRequestAuthenticator(requestPacket.getAuthenticator());

        final AccessRequest accessRequest = createAccessRequest(requestPacket);
        if (accessRequest == null) {
            LOG.message("Leaving RadiusRequestHandler.run(); Packet received was not an AccessRequest packet.");
            return;
        }

        // The handler class is the one named in the configuration for this client.
        final AccessRequestHandler accessRequestHandler =
                accessRequestHandlerFactory.getAccessRequestHandler(requestContext);
        if (accessRequestHandler == null) {
            // NOTE(review): this path returns without sending any reply, unlike the catch block below which
            // sends a reject - confirm that silence is the intended answer for a missing handler.
            LOG.message("Leaving RadiusRequestHandler.run(); Could not obtain Access Request Handler.");
            return;
        }

        final RadiusRequest request = new RadiusRequest(accessRequest);
        final RadiusResponse response = new RadiusResponse();
        try {
            // The handler fills in the response; the outcome event is posted before anything goes on the wire.
            accessRequestHandler.handle(request, response, requestContext);
            postHandledEvent(request, response, requestContext);
            requestContext.send(response.getResponsePacket());
            resultHandler.handleResult(response);
        } catch (final RadiusProcessingException rre) {
            // Processing failed; handleResponseException decides whether the error is recoverable or the
            // RADIUS server has to shut down.
            handleResponseException(rre, requestContext);
        }
    } catch (final Exception e) {
        final StringBuilder failureMessage =
                new StringBuilder("Exception occured while handling radius request for RADIUS client '");
        failureMessage.append(getClientName()).append("'. Rejecting access.");
        LOG.error(failureMessage.toString(), e);
        // Deny by default when anything unexpected went wrong.
        this.sendAccessReject(requestContext);
    }
}
Also used : Packet(org.forgerock.openam.radius.common.Packet) AccessRequest(org.forgerock.openam.radius.common.AccessRequest) AccessRequestHandler(org.forgerock.openam.radius.server.spi.AccessRequestHandler)

Example 7 with Packet

use of org.forgerock.openam.radius.common.Packet in project OpenAM by OpenRock.

the class ConsoleClient method run.

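/**
 * Runs one interactive RADIUS authentication exchange against the configured server.
 * <p>
 * Prompts for a username and password, sends an access request, and keeps answering challenges until the
 * server replies with an accept or a reject. Any exception ends the exchange and is printed to stderr.
 */
@Override
public void run() {
    // try-with-resources releases the channel and its UDP socket on every exit path; previously the channel
    // was never closed.
    try (DatagramChannel chan = DatagramChannel.open()) {
        // request id
        short reqId = 1;
        final SecureRandom random = new SecureRandom();
        final InetSocketAddress serverAddr = new InetSocketAddress(this.host, this.port);
        final NASIPAddressAttribute nasAddr = new NASIPAddressAttribute(InetAddress.getLocalHost());
        final NASPortAttribute nasPort = new NASPortAttribute(chan.socket().getLocalPort());
        StateAttribute state = null;
        final String username = getUserInputFor("Username", null);
        String passwordOrAnswer = getUserInputFor("Password", null);
        System.out.println();
        boolean finished = false;
        // ready for writing
        final ByteBuffer bufIn = ByteBuffer.allocate(4096);
        while (!finished) {
            // A fresh request authenticator is generated for every request.
            final RequestAuthenticator reqAuthR = new RequestAuthenticator(random, this.secret);
            final AccessRequest req = new AccessRequest(reqId++, reqAuthR);
            req.addAttribute(new UserNameAttribute(username));
            req.addAttribute(new UserPasswordAttribute(req.getAuthenticator(), this.secret, passwordOrAnswer));
            req.addAttribute(nasAddr);
            req.addAttribute(nasPort);
            if (state != null) {
                // Echo the State attribute from the previous challenge back to the server.
                req.addAttribute(state);
            }
            final ByteBuffer reqBuf = ByteBuffer.wrap(req.getOctets());
            if (logTraffic) {
                // NOTE(review): the dump is of the full request, including the User-Password attribute as
                // encoded on the wire - confirm what getPacketRepresentation prints before enabling this
                // outside a test setup.
                System.out.println("Packet To " + host + ":" + port);
                System.out.println(RadiusRequestContext.getPacketRepresentation(req));
            }
            chan.send(reqBuf, serverAddr);
            // now handle responses possibly sending additional requests
            // NOTE(review): receive() returns the sender's address, which is discarded here, and no check of
            // the response identifier or response authenticator is visible in this method - any datagram
            // reaching the local port is parsed as the server's answer unless toPacket verifies it. The call
            // also blocks with no timeout.
            chan.receive(bufIn);
            // prepare buffer for reading out
            bufIn.flip();
            final Packet res = PacketFactory.toPacket(bufIn);
            // prepare buffer for next response
            bufIn.clear();
            if (logTraffic) {
                System.out.println("Packet From " + host + ":" + port);
                System.out.println(RadiusRequestContext.getPacketRepresentation(res));
            }
            if (res instanceof AccessReject) {
                System.out.println("---> Sorry. Not Authenticated.");
                System.out.println();
                finished = true;
            } else if (res instanceof AccessAccept) {
                System.out.println("---> SUCCESS! You've Authenticated!");
                System.out.println();
                finished = true;
            } else if (res instanceof AccessChallenge) {
                state = (StateAttribute) getAttribute(StateAttribute.class, res);
                final ReplyMessageAttribute msg =
                        (ReplyMessageAttribute) getAttribute(ReplyMessageAttribute.class, res);
                // The challenge text is optional; prompt without it when the attribute is absent.
                final String message = (msg != null) ? msg.getMessage() : null;
                passwordOrAnswer = getUserInputFor("Answer", message);
                System.out.println();
            }
            // Any other response type falls through and the same credentials are sent again with the next
            // request id.
        }
    } catch (final Exception e) {
        e.printStackTrace();
    }
}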
Also used : StateAttribute(org.forgerock.openam.radius.common.StateAttribute) Packet(org.forgerock.openam.radius.common.Packet) RequestAuthenticator(org.forgerock.openam.radius.common.RequestAuthenticator) AccessRequest(org.forgerock.openam.radius.common.AccessRequest) InetSocketAddress(java.net.InetSocketAddress) DatagramChannel(java.nio.channels.DatagramChannel) SecureRandom(java.security.SecureRandom) NASIPAddressAttribute(org.forgerock.openam.radius.common.packet.NASIPAddressAttribute) ByteBuffer(java.nio.ByteBuffer) IOException(java.io.IOException) ReplyMessageAttribute(org.forgerock.openam.radius.common.ReplyMessageAttribute) UserNameAttribute(org.forgerock.openam.radius.common.UserNameAttribute) AccessReject(org.forgerock.openam.radius.common.AccessReject) NASPortAttribute(org.forgerock.openam.radius.common.packet.NASPortAttribute) AccessChallenge(org.forgerock.openam.radius.common.AccessChallenge) UserPasswordAttribute(org.forgerock.openam.radius.common.UserPasswordAttribute) AccessAccept(org.forgerock.openam.radius.common.AccessAccept)

Example 8 with Packet

use of org.forgerock.openam.radius.common.Packet in project OpenAM by OpenRock.

the class RadiusRequestHandler method postHandledEvent.

/**
 * Records how long the request took and posts an event on the event bus describing the outcome.
 * <p>
 * Accept, challenge and reject responses each post their own event type; an accounting response posts nothing,
 * and any other packet type is logged as a warning. A response without a packet only gets its timing set.
 *
 * @param request the request that was handled; supplies the start timestamp.
 * @param response the response built by the handler; receives the service time.
 * @param requestContext the context of the request, passed through to the posted event.
 */
private void postHandledEvent(RadiusRequest request, RadiusResponse response, RadiusRequestContext requestContext) {
    LOG.message("Entering RadiusRequestHandler.postHandledEvent()");

    // Service time = now minus the start timestamp carried by the request.
    response.setTimeToServiceRequestInMilliSeconds(DateTime.now().getMillis() - request.getStartTimestampInMillis());

    final Packet outcome = response.getResponsePacket();
    if (outcome == null) {
        // No packet was produced, so there is no outcome to publish.
        LOG.message("Leaving RadiusRequestHandler.postHandledEvent()");
        return;
    }

    switch (outcome.getType()) {
        case ACCESS_ACCEPT:
            eventBus.post(new AuthRequestAcceptedEvent(request, response, requestContext));
            break;
        case ACCESS_CHALLENGE:
            eventBus.post(new AuthRequestChallengedEvent(request, response, requestContext));
            break;
        case ACCESS_REJECT:
            eventBus.post(new AuthRequestRejectedEvent(request, response, requestContext));
            break;
        case ACCOUNTING_RESPONSE:
            // Deliberately no event for accounting responses.
            break;
        default:
            // NOTE(review): the type is passed as an extra argument but the message has no placeholder for
            // it - confirm the LOG API actually renders the value, otherwise the type is lost from the log.
            LOG.warning("Unexpected type of responsePacket;", outcome.getType().toString());
            break;
    }

    LOG.message("Leaving RadiusRequestHandler.postHandledEvent()");
}
Also used : Packet(org.forgerock.openam.radius.common.Packet) AuthRequestRejectedEvent(org.forgerock.openam.radius.server.events.AuthRequestRejectedEvent) AuthRequestAcceptedEvent(org.forgerock.openam.radius.server.events.AuthRequestAcceptedEvent) AuthRequestChallengedEvent(org.forgerock.openam.radius.server.events.AuthRequestChallengedEvent)

Example 9 with Packet

use of org.forgerock.openam.radius.common.Packet in project OpenAM by OpenRock.

the class RadiusConn method sendPacket.

/**
 * Sends a packet to an online server and waits for the reply, moving on to another server when the current
 * one cannot be reached.
 * <p>
 * A connection failure or socket timeout marks the server offline, makes sure the server monitor is scheduled,
 * and retries with whatever {@code getOnlineServer()} returns next. Every other I/O error is propagated.
 *
 * @param packet the packet.
 * @throws IOException        on an I/O error other than a connection failure or timeout.
 * @throws RejectException    if the server answers with an access reject.
 * @throws ChallengeException if the server answers with an access challenge.
 */
private void sendPacket(Packet packet) throws IOException, RejectException, ChallengeException {
    Packet res = null;
    // NOTE(review): the loop has no bound of its own; it presumably ends through getOnlineServer() failing
    // once no server is left online - confirm against that method.
    do {
        final RADIUSServer server = getOnlineServer();
        if (debug.messageEnabled()) {
            debug.message("Using " + server + " for contact RADIUS");
        }
        try {
            send(packet, server);
            res = receive();
            // Reject and challenge replies are reported to the caller as exceptions.
            if (res instanceof AccessReject) {
                throw new RejectException((AccessReject) res);
            }
            if (res instanceof AccessChallenge) {
                throw new ChallengeException((AccessChallenge) res);
            }
        } catch (ConnectException | SocketTimeoutException unreachable) {
            // Only these two failures mean "server down"; any other IOException leaves this method untouched.
            if (debug.messageEnabled()) {
                debug.message("Moving server to offline state - " + server);
            }
            synchronized (SERVER_STATUS) {
                SERVER_STATUS.put(server, Boolean.FALSE);
            }
            synchronized (SERVER_MONITOR_LOCK) {
                final boolean monitorMissing = serverMonitor == null || serverMonitor.scheduledExecutionTime() == -1;
                if (monitorMissing) {
                    serverMonitor = new RADIUSMonitor();
                    // Start time is the current time truncated to a whole second.
                    SystemTimer.getTimer().schedule(serverMonitor, new Date(((System.currentTimeMillis()) / 1000) * 1000));
                }
            }
        }
    } while (res == null);
}
Also used : Packet(org.forgerock.openam.radius.common.Packet) DatagramPacket(java.net.DatagramPacket) SocketTimeoutException(java.net.SocketTimeoutException) AccessReject(org.forgerock.openam.radius.common.AccessReject) RADIUSServer(com.sun.identity.authentication.modules.radius.RADIUSServer) IOException(java.io.IOException) AccessChallenge(org.forgerock.openam.radius.common.AccessChallenge) Date(java.util.Date) ConnectException(java.net.ConnectException)

Example 10 with Packet

use of org.forgerock.openam.radius.common.Packet in project OpenAM by OpenRock.

the class RadiusConn method receive.

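/**
 * Waits for a datagram on the socket and parses it into a packet.
 * <p>
 * Only the bytes that were actually received are handed to the parser. {@code DatagramPacket.getData()}
 * returns the whole 4096-byte backing array, so passing it unmodified would let a datagram whose declared
 * length exceeds what was received be parsed against zero padding instead of being seen as truncated.
 *
 * @return the received packet.
 * @throws IOException if receiving from the socket fails.
 */
private Packet receive() throws IOException {
    final byte[] buffer = new byte[4096];
    final DatagramPacket dp = new DatagramPacket(buffer, buffer.length);
    // NOTE(review): the sender address of the datagram is not checked here - confirm that the socket is
    // connected to the server or that the response is authenticated further down.
    socket.receive(dp);
    // Trim to the received region; fully qualified so that no new file-level import is required.
    final byte[] data = java.util.Arrays.copyOfRange(dp.getData(), dp.getOffset(), dp.getOffset() + dp.getLength());
    final Packet p = PacketFactory.toPacket(data);
    if (debug.messageEnabled()) {
        debug.message("Received " + p + " size=" + p.getAttributeSet().size());
    }
    return p;
}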
Also used : Packet(org.forgerock.openam.radius.common.Packet) DatagramPacket(java.net.DatagramPacket) DatagramPacket(java.net.DatagramPacket)
