Package org.tinyradius.packet

Class AccessRequest


  • public class AccessRequest
extends RadiusPacket
    This class represents an Access-Request Radius packet.

    • Field Detail

      • AUTH_PROTOCOLS

        public static final java.util.Set<java.lang.String> AUTH_PROTOCOLS

    • Constructor Detail

      • AccessRequest

        public AccessRequest​(Dictionary dictionary,
                     int identifier,
                     byte[] authenticator)
        Parameters:
        dictionary - custom dictionary to use
        identifier - packet identifier
        authenticator - authenticator for packet, nullable

      • AccessRequest

        public AccessRequest​(Dictionary dictionary,
                     int identifier,
                     byte[] authenticator,
                     java.util.List<RadiusAttribute> attributes)
        Parameters:
        dictionary - custom dictionary to use
        identifier - packet identifier
        authenticator - authenticator for packet, nullable
        attributes - list of attributes for packet

      • AccessRequest

        public AccessRequest​(Dictionary dictionary,
                     int identifier,
                     byte[] authenticator,
                     java.lang.String userName,
                     java.lang.String userPassword)
        Constructs an Access-Request packet, sets the code, identifier and adds an User-Name and an User-Password attribute (PAP).
        Parameters:
        dictionary - custom dictionary to use
        identifier - packet identifier
        authenticator - authenticator for packet, nullable
        userName - user name
        userPassword - user password

    • Method Detail

      • setUserName

        public void setUserName​(java.lang.String userName)
        Sets the User-Name attribute of this Access-Request.
        Parameters:
        userName - user name to set

      • setUserPassword

        public void setUserPassword​(java.lang.String userPassword)
        Sets the plain-text user password.
        Parameters:
        userPassword - user password to set

      • getUserPassword

        public java.lang.String getUserPassword​()
        Retrieves the plain-text user password. Returns null for CHAP - use verifyPassword().
        Returns:
        user password in plaintext if decoded and using PAP
        See Also:
        verifyPassword(String)

      • getUserName

        public java.lang.String getUserName​()
        Retrieves the user name from the User-Name attribute.
        Returns:
        user name

      • getAuthProtocol

        public java.lang.String getAuthProtocol​()
        Returns the protocol used for encrypting the passphrase.
        Returns:
        one of AUTH_PROTOCOLS

      • setAuthProtocol

        public void setAuthProtocol​(java.lang.String authProtocol)
        Selects the protocol to use for encrypting the passphrase when encoding this Radius packet.
        Parameters:
        authProtocol - AUTH_PROTOCOLS

      • verify

        public void verify​(java.lang.String sharedSecret,
                   byte[] ignored)
            throws RadiusException
        AccessRequest cannot verify authenticator as they contain random bytes.

        Instead it checks the User-Password/Challenge attributes are present and attempts decryption.

        Overrides:
        verify in class RadiusPacket
        Parameters:
        sharedSecret - shared secret, only applicable for PAP
        ignored - ignored, not applicable for AccessRequest
        Throws:
        RadiusException - if authenticator check fails

      • verifyPassword

        public boolean verifyPassword​(java.lang.String plaintext)
                       throws java.lang.UnsupportedOperationException
        Verifies that the passed plain-text password matches the password (hash) send with this Access-Request packet. Works with both PAP and CHAP.
        Parameters:
        plaintext - password to verify packet against
        Returns:
        true if the password is valid, false otherwise
        Throws:
        java.lang.UnsupportedOperationException

      • encodeRequest

        public AccessRequest encodeRequest​(java.lang.String sharedSecret)
                            throws java.lang.UnsupportedOperationException
        AccessRequest overrides this method to generate a randomized authenticator as per RFC 2865 and encode required attributes (i.e. User-Password).
        Overrides:
        encodeRequest in class RadiusPacket
        Parameters:
        sharedSecret - shared secret that secures the communication with the other Radius server/client
        Returns:
        RadiusPacket with new authenticator and/or encoded attributes
        Throws:
        java.lang.UnsupportedOperationException - auth type not supported

      • encodeResponse

        public RadiusPacket encodeResponse​(java.lang.String sharedSecret,
                                   byte[] requestAuthenticator)
        Description copied from class: RadiusPacket
        Encode and generate authenticator. Should be idempotent.

        Requires request authenticator to generator response authenticator.

        Overrides:
        encodeResponse in class RadiusPacket
        Parameters:
        sharedSecret - shared secret to be used to encode this packet
        requestAuthenticator - request packet authenticator
        Returns:
        new RadiusPacket instance with same properties and valid authenticator

      • encodeRequestAttributes

        protected java.util.List<RadiusAttribute> encodeRequestAttributes​(byte[] authenticator,
                                                                  java.lang.String sharedSecret)
                                                           throws java.lang.UnsupportedOperationException
        Sets and encrypts the User-Password attribute.
        Parameters:
        authenticator - authenticator to use to encode PAP password, nullable if using different auth protocol
        sharedSecret - shared secret that secures the communication with the other Radius server/client
        Returns:
        List of RadiusAttributes to override
        Throws:
        java.lang.UnsupportedOperationException - auth protocol not supported