use of org.forgerock.openam.radius.common.packet.NASPortAttribute in project OpenAM by OpenRock.
the class TestPacket method testSerializingRfc2865Section7dot1Example.
/**
* Test to ensure conformity with <a href="https://tools.ietf.org/html/rfc2865#section-7.1">IETF RFC 2865 section
* 7.1</a>
*/
@Test
public void testSerializingRfc2865Section7dot1Example() {
// what we should end up with
final String res = "01 00 00 38 0f 40 3f 94 73 97 80 57 bd 83 d5 cb " + "98 f4 22 7a 01 06 6e 65 6d 6f 02 12 0d be 70 8d " + "93 d4 13 ce 31 96 e4 3f 78 2a 0a ee 04 06 c0 a8 " + "01 10 05 06 00 00 00 03";
final AccessRequest accessReq = new AccessRequest();
accessReq.setIdentifier((short) 0);
accessReq.addAttribute(new UserNameAttribute("nemo"));
final String authenticatorBytes = "0f 40 3f 94 73 97 80 57 bd 83 d5 cb 98 f4 22 7a";
final byte[] aBytes = Utils.toByteArray(authenticatorBytes);
final RequestAuthenticator authenticator = new RequestAuthenticator(aBytes);
accessReq.setAuthenticator(authenticator);
accessReq.addAttribute(new UserPasswordAttribute(authenticator, Rfc2865Examples.secret, Rfc2865Examples.password));
try {
final InetAddress address = InetAddress.getByAddress(new byte[] { (byte) 192, (byte) 168, 1, 16 });
accessReq.addAttribute(new NASIPAddressAttribute(address));
} catch (final UnknownHostException e) {
// ignore since it won't happen given valid address
e.printStackTrace();
}
accessReq.addAttribute(new NASPortAttribute(3));
final byte[] bytes = accessReq.getOctets();
final ByteBuffer pktBfr = ByteBuffer.wrap(bytes);
final String spaceHex = Utils.toSpacedHex(pktBfr);
Assert.assertEquals(spaceHex, res, "output sequence of AccessRequest should have matched");
}
use of org.forgerock.openam.radius.common.packet.NASPortAttribute in project OpenAM by OpenRock.
the class TestPacketFactory method testRfc2865Sec7dot1Example.
/**
* Test to ensure conformity with <a href="https://tools.ietf.org/html/rfc2865#section-7.1">IETF RFC 2865 section
* 7.1</a>
*
* @throws UnknownHostException
*/
@Test
public void testRfc2865Sec7dot1Example() throws UnknownHostException {
final String hex = "01 00 00 38 0f 40 3f 94 73 97 80 57 bd 83 d5 cb" + "98 f4 22 7a 01 06 6e 65 6d 6f 02 12 0d be 70 8d" + "93 d4 13 ce 31 96 e4 3f 78 2a 0a ee 04 06 c0 a8" + "01 10 05 06 00 00 00 03";
final ByteBuffer bfr = Utils.toBuffer(hex);
dumpBfr(bfr);
final Packet pkt = PacketFactory.toPacket(bfr);
Assert.assertNotNull(pkt.getAuthenticator(), "authenticator should be defined");
Assert.assertEquals(pkt.getType(), PacketType.ACCESS_REQUEST, "Incorrect type code");
Assert.assertEquals(pkt.getIdentifier(), 0, "packet identifier should have been 0");
Assert.assertEquals(pkt.getAttributeSet().size(), 4, "packet attributes contained");
Assert.assertEquals(pkt.getAttributeAt(0).getClass().getSimpleName(), UserNameAttribute.class.getSimpleName(), "0 attribute");
Assert.assertEquals(((UserNameAttribute) pkt.getAttributeAt(0)).getName(), "nemo", "user name");
Assert.assertEquals(pkt.getAttributeAt(1).getClass().getSimpleName(), UserPasswordAttribute.class.getSimpleName(), "1 attribute");
Assert.assertEquals(pkt.getAttributeAt(2).getClass().getSimpleName(), NASIPAddressAttribute.class.getSimpleName(), "2 attribute");
Assert.assertEquals(((NASIPAddressAttribute) pkt.getAttributeAt(2)).getIpAddress(), InetAddress.getByAddress(new byte[] { (byte) 192, (byte) 168, 1, 16 }), "NAS IP address");
Assert.assertEquals(pkt.getAttributeAt(3).getClass().getSimpleName(), NASPortAttribute.class.getSimpleName(), "3 attribute");
Assert.assertEquals(((NASPortAttribute) pkt.getAttributeAt(3)).getPort(), 3, "NAS port");
}
use of org.forgerock.openam.radius.common.packet.NASPortAttribute in project OpenAM by OpenRock.
the class RadiusConn method authenticate.
/**
* Authenticates the username and password against the remote servers.
*
* @param name the username.
* @param password the password.
* @throws IOException if there is a problem.
* @throws NoSuchAlgorithmException if there is a problem.
* @throws RejectException if there is a problem.
* @throws ChallengeException if there is a problem.
*/
public void authenticate(String name, String password) throws IOException, NoSuchAlgorithmException, RejectException, ChallengeException {
AccessRequest req = createAccessRequest();
req.addAttribute(new UserNameAttribute(name));
req.addAttribute(new UserPasswordAttribute(req.getAuthenticator(), secret, password));
req.addAttribute(new NASIPAddressAttribute(InetAddress.getLocalHost()));
req.addAttribute(new NASPortAttribute(socket.getLocalPort()));
sendPacket(req);
}
use of org.forgerock.openam.radius.common.packet.NASPortAttribute in project OpenAM by OpenRock.
the class RadiusConn method replyChallenge.
/**
* Sends an access-request to the server in response to a challenge request.
*
* @param name the username.
* @param password the password.
* @param ce the challenge exception providing access to the original challenge response.
* @throws IOException if there is a problem.
* @throws NoSuchAlgorithmException if there is a problem.
* @throws RejectException if there is a problem.
* @throws ChallengeException if there is a problem.
*/
public void replyChallenge(String name, String password, ChallengeException ce) throws IOException, NoSuchAlgorithmException, RejectException, ChallengeException {
StateAttribute state = (StateAttribute) ce.getAttributeSet().getAttributeByType(AttributeType.STATE);
if (state == null) {
throw new IOException("State not found in challenge");
}
AccessRequest req = createAccessRequest();
// needed in challenge
req.addAttribute(state);
if (name != null) {
req.addAttribute(new UserNameAttribute(name));
}
req.addAttribute(new UserPasswordAttribute(req.getAuthenticator(), secret, password));
req.addAttribute(new NASIPAddressAttribute(InetAddress.getLocalHost()));
req.addAttribute(new NASPortAttribute(socket.getLocalPort()));
sendPacket(req);
}
use of org.forgerock.openam.radius.common.packet.NASPortAttribute in project OpenAM by OpenRock.
the class ConsoleClient method run.
/**
* Calls the server in a thread.
*/
@Override
public void run() {
try {
final DatagramChannel chan = DatagramChannel.open();
// request id
short reqId = 1;
final SecureRandom random = new SecureRandom();
final InetSocketAddress serverAddr = new InetSocketAddress(this.host, this.port);
final NASIPAddressAttribute nasAddr = new NASIPAddressAttribute(InetAddress.getLocalHost());
final NASPortAttribute nasPort = new NASPortAttribute(chan.socket().getLocalPort());
StateAttribute state = null;
// String username = "boydmr"; // TODO: restore
final String username = getUserInputFor("Username", null);
// String passwordOrAnswer = "password"; // TODO: restore
String passwordOrAnswer = getUserInputFor("Password", null);
System.out.println();
boolean finished = false;
// ready for writing
final ByteBuffer bufIn = ByteBuffer.allocate(4096);
while (!finished) {
final RequestAuthenticator reqAuthR = new RequestAuthenticator(random, this.secret);
final AccessRequest req = new AccessRequest(reqId++, reqAuthR);
req.addAttribute(new UserNameAttribute(username));
req.addAttribute(new UserPasswordAttribute(req.getAuthenticator(), this.secret, passwordOrAnswer));
req.addAttribute(nasAddr);
req.addAttribute(nasPort);
if (state != null) {
req.addAttribute(state);
}
final ByteBuffer reqBuf = ByteBuffer.wrap(req.getOctets());
if (logTraffic) {
System.out.println("Packet To " + host + ":" + port);
System.out.println(RadiusRequestContext.getPacketRepresentation(req));
}
chan.send(reqBuf, serverAddr);
// now handle responses possibly sending additional requests
chan.receive(bufIn);
// prepare buffer for reading out
bufIn.flip();
final Packet res = PacketFactory.toPacket(bufIn);
// prepare buffer for next response
bufIn.clear();
if (logTraffic) {
System.out.println("Packet From " + host + ":" + port);
System.out.println(RadiusRequestContext.getPacketRepresentation(res));
}
if (res instanceof AccessReject) {
System.out.println("---> Sorry. Not Authenticated.");
System.out.println();
finished = true;
} else if (res instanceof AccessAccept) {
System.out.println("---> SUCCESS! You've Authenticated!");
System.out.println();
finished = true;
} else if (res instanceof AccessChallenge) {
final AccessChallenge chng = (AccessChallenge) res;
state = (StateAttribute) getAttribute(StateAttribute.class, res);
final ReplyMessageAttribute msg = (ReplyMessageAttribute) getAttribute(ReplyMessageAttribute.class, res);
String message = null;
if (msg != null) {
message = msg.getMessage();
}
passwordOrAnswer = getUserInputFor("Answer", message);
System.out.println();
}
}
} catch (final Exception e) {
e.printStackTrace();
}
}
Aggregations