Package org.tinyradius.packet
Class AccessRequest
- java.lang.Object
-
- org.tinyradius.packet.RadiusPacket
-
- org.tinyradius.packet.AccessRequest
-
public class AccessRequest extends RadiusPacket
This class represents an Access-Request Radius packet.
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
AUTH_CHAP
static java.lang.String
AUTH_EAP
static java.lang.String
AUTH_MS_CHAP_V2
static java.lang.String
AUTH_PAP
static java.util.Set<java.lang.String>
AUTH_PROTOCOLS
-
Fields inherited from class org.tinyradius.packet.RadiusPacket
HEADER_LENGTH
-
-
Constructor Summary
Constructors Constructor Description AccessRequest(Dictionary dictionary, int identifier, byte[] authenticator)
AccessRequest(Dictionary dictionary, int identifier, byte[] authenticator, java.lang.String userName, java.lang.String userPassword)
Constructs an Access-Request packet, sets the code, identifier and adds an User-Name and an User-Password attribute (PAP).AccessRequest(Dictionary dictionary, int identifier, byte[] authenticator, java.util.List<RadiusAttribute> attributes)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description AccessRequest
copy()
boolean
decryptPasswords(java.lang.String sharedSecret)
AccessRequest
encodeRequest(java.lang.String sharedSecret)
AccessRequest overrides this method to generate a randomized authenticator as per RFC 2865 and encode required attributes (i.e.protected java.util.List<RadiusAttribute>
encodeRequestAttributes(byte[] authenticator, java.lang.String sharedSecret)
Sets and encrypts the User-Password attribute.RadiusPacket
encodeResponse(java.lang.String sharedSecret, byte[] requestAuthenticator)
Encode and generate authenticator.java.lang.String
getAuthProtocol()
Returns the protocol used for encrypting the passphrase.java.lang.String
getUserName()
Retrieves the user name from the User-Name attribute.java.lang.String
getUserPassword()
Retrieves the plain-text user password.void
setAuthProtocol(java.lang.String authProtocol)
Selects the protocol to use for encrypting the passphrase when encoding this Radius packet.void
setUserName(java.lang.String userName)
Sets the User-Name attribute of this Access-Request.void
setUserPassword(java.lang.String userPassword)
Sets the plain-text user password.void
verify(java.lang.String sharedSecret, byte[] ignored)
AccessRequest cannot verify authenticator as they contain random bytes.boolean
verifyPassword(java.lang.String plaintext)
Verifies that the passed plain-text password matches the password (hash) send with this Access-Request packet.-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
-
Methods inherited from class org.tinyradius.packet.RadiusPacket
addAttribute, addAttribute, createHashedAuthenticator, getAttribute, getAttribute, getAttribute, getAttributeBytes, getAttributeMap, getAttributes, getAttributes, getAttributes, getAttributeValue, getAuthenticator, getDictionary, getIdentifier, getType, getVendorAttributes, removeAttribute, removeAttributes, removeAttributes, removeLastAttribute, toString
-
-
-
-
Field Detail
-
AUTH_PAP
public static final java.lang.String AUTH_PAP
- See Also:
- Constant Field Values
-
AUTH_CHAP
public static final java.lang.String AUTH_CHAP
- See Also:
- Constant Field Values
-
AUTH_MS_CHAP_V2
public static final java.lang.String AUTH_MS_CHAP_V2
- See Also:
- Constant Field Values
-
AUTH_EAP
public static final java.lang.String AUTH_EAP
- See Also:
- Constant Field Values
-
AUTH_PROTOCOLS
public static final java.util.Set<java.lang.String> AUTH_PROTOCOLS
-
-
Constructor Detail
-
AccessRequest
public AccessRequest(Dictionary dictionary, int identifier, byte[] authenticator)
- Parameters:
dictionary
- custom dictionary to useidentifier
- packet identifierauthenticator
- authenticator for packet, nullable
-
AccessRequest
public AccessRequest(Dictionary dictionary, int identifier, byte[] authenticator, java.util.List<RadiusAttribute> attributes)
- Parameters:
dictionary
- custom dictionary to useidentifier
- packet identifierauthenticator
- authenticator for packet, nullableattributes
- list of attributes for packet
-
AccessRequest
public AccessRequest(Dictionary dictionary, int identifier, byte[] authenticator, java.lang.String userName, java.lang.String userPassword)
Constructs an Access-Request packet, sets the code, identifier and adds an User-Name and an User-Password attribute (PAP).- Parameters:
dictionary
- custom dictionary to useidentifier
- packet identifierauthenticator
- authenticator for packet, nullableuserName
- user nameuserPassword
- user password
-
-
Method Detail
-
setUserName
public void setUserName(java.lang.String userName)
Sets the User-Name attribute of this Access-Request.- Parameters:
userName
- user name to set
-
setUserPassword
public void setUserPassword(java.lang.String userPassword)
Sets the plain-text user password.- Parameters:
userPassword
- user password to set
-
getUserPassword
public java.lang.String getUserPassword()
Retrieves the plain-text user password. Returns null for CHAP - use verifyPassword().- Returns:
- user password in plaintext if decoded and using PAP
- See Also:
verifyPassword(String)
-
getUserName
public java.lang.String getUserName()
Retrieves the user name from the User-Name attribute.- Returns:
- user name
-
getAuthProtocol
public java.lang.String getAuthProtocol()
Returns the protocol used for encrypting the passphrase.- Returns:
- one of
AUTH_PROTOCOLS
-
setAuthProtocol
public void setAuthProtocol(java.lang.String authProtocol)
Selects the protocol to use for encrypting the passphrase when encoding this Radius packet.- Parameters:
authProtocol
-AUTH_PROTOCOLS
-
verify
public void verify(java.lang.String sharedSecret, byte[] ignored) throws RadiusException
AccessRequest cannot verify authenticator as they contain random bytes.Instead it checks the User-Password/Challenge attributes are present and attempts decryption.
- Overrides:
verify
in classRadiusPacket
- Parameters:
sharedSecret
- shared secret, only applicable for PAPignored
- ignored, not applicable for AccessRequest- Throws:
RadiusException
- if authenticator check fails
-
decryptPasswords
public boolean decryptPasswords(java.lang.String sharedSecret) throws RadiusException
- Throws:
RadiusException
-
verifyPassword
public boolean verifyPassword(java.lang.String plaintext) throws java.lang.UnsupportedOperationException
Verifies that the passed plain-text password matches the password (hash) send with this Access-Request packet. Works with both PAP and CHAP.- Parameters:
plaintext
- password to verify packet against- Returns:
- true if the password is valid, false otherwise
- Throws:
java.lang.UnsupportedOperationException
-
encodeRequest
public AccessRequest encodeRequest(java.lang.String sharedSecret) throws java.lang.UnsupportedOperationException
AccessRequest overrides this method to generate a randomized authenticator as per RFC 2865 and encode required attributes (i.e. User-Password).- Overrides:
encodeRequest
in classRadiusPacket
- Parameters:
sharedSecret
- shared secret that secures the communication with the other Radius server/client- Returns:
- RadiusPacket with new authenticator and/or encoded attributes
- Throws:
java.lang.UnsupportedOperationException
- auth type not supported
-
encodeResponse
public RadiusPacket encodeResponse(java.lang.String sharedSecret, byte[] requestAuthenticator)
Description copied from class:RadiusPacket
Encode and generate authenticator. Should be idempotent.Requires request authenticator to generator response authenticator.
- Overrides:
encodeResponse
in classRadiusPacket
- Parameters:
sharedSecret
- shared secret to be used to encode this packetrequestAuthenticator
- request packet authenticator- Returns:
- new RadiusPacket instance with same properties and valid authenticator
-
encodeRequestAttributes
protected java.util.List<RadiusAttribute> encodeRequestAttributes(byte[] authenticator, java.lang.String sharedSecret) throws java.lang.UnsupportedOperationException
Sets and encrypts the User-Password attribute.- Parameters:
authenticator
- authenticator to use to encode PAP password, nullable if using different auth protocolsharedSecret
- shared secret that secures the communication with the other Radius server/client- Returns:
- List of RadiusAttributes to override
- Throws:
java.lang.UnsupportedOperationException
- auth protocol not supported
-
copy
public AccessRequest copy()
- Overrides:
copy
in classRadiusPacket
-
-