Package org.tinyradius.packet.request
Class AccessRequest
java.lang.Object
org.tinyradius.packet.BaseRadiusPacket
org.tinyradius.packet.request.RadiusRequest
org.tinyradius.packet.request.AccessRequest
- All Implemented Interfaces:
AttributeHolder
,NestedAttributeHolder
,RadiusPacket
,MessageAuthSupport<AccessRequest>
- Direct Known Subclasses:
AccessRequestChap
,AccessRequestEap
,AccessRequestPap
public abstract class AccessRequest extends RadiusRequest implements MessageAuthSupport<AccessRequest>
This class represents an Access-Request Radius packet.
-
Field Summary
Fields Modifier and Type Field Description protected static java.util.Set<java.lang.Byte>
AUTH_ATTRS
static byte
CHAP_PASSWORD
static byte
EAP_MESSAGE
protected static org.apache.logging.log4j.Logger
logger
protected static java.security.SecureRandom
RANDOM
static byte
USER_NAME
static byte
USER_PASSWORD
-
Constructor Summary
Constructors Modifier Constructor Description protected
AccessRequest(Dictionary dictionary, byte identifier, byte[] authenticator, java.util.List<RadiusAttribute> attributes)
-
Method Summary
Modifier and Type Method Description abstract AccessRequest
copy()
static AccessRequest
create(Dictionary dictionary, byte identifier, byte[] authenticator, java.util.List<RadiusAttribute> attributes)
Create new AccessRequest, tries to identify auth protocol from attributes.protected abstract AccessRequest
encodeAuthMechanism(java.lang.String sharedSecret, byte[] newAuth)
Create copy of AccessRequest with new authenticator and encoded attributesAccessRequest
encodeRequest(java.lang.String sharedSecret)
AccessRequest overrides this method to generate a randomized authenticator (RFC 2865) and encode required attributes (e.g.protected byte[]
random16bytes()
protected abstract void
verifyAuthMechanism(java.lang.String sharedSecret)
Verify packet for specific auth protocolsvoid
verifyRequest(java.lang.String sharedSecret)
AccessRequest cannot verify authenticator as they contain random bytes.Methods inherited from class org.tinyradius.packet.BaseRadiusPacket
createHashedAuthenticator, equals, getAttributes, getAuthenticator, getChildVendorId, getDictionary, getId, getMd5Digest, getType, hashCode, toString, verifyPacketAuth
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
Methods inherited from interface org.tinyradius.attribute.util.AttributeHolder
addAttribute, addAttribute, getAttribute, getAttribute, getAttributeBytes, getAttributeMap, getAttributes, getAttributes, getAttributeString, getChildVendorId, lookupAttributeType, removeAttributes, removeLastAttribute
Methods inherited from interface org.tinyradius.packet.util.MessageAuthSupport
calcMessageAuthInput, computeMessageAuth, encodeMessageAuth, verifyMessageAuth
Methods inherited from interface org.tinyradius.attribute.util.NestedAttributeHolder
addAttribute, getAttribute, getAttributes, getAttributes, getVendorSpecificAttributes, removeAttribute, removeAttributes, removeSubAttribute
Methods inherited from interface org.tinyradius.packet.RadiusPacket
getAttributes, getAuthenticator, getDictionary, getId, getType
-
Field Details
-
logger
protected static final org.apache.logging.log4j.Logger logger -
RANDOM
protected static final java.security.SecureRandom RANDOM -
USER_PASSWORD
public static final byte USER_PASSWORD- See Also:
- Constant Field Values
-
CHAP_PASSWORD
public static final byte CHAP_PASSWORD- See Also:
- Constant Field Values
-
EAP_MESSAGE
public static final byte EAP_MESSAGE- See Also:
- Constant Field Values
-
AUTH_ATTRS
protected static final java.util.Set<java.lang.Byte> AUTH_ATTRS -
USER_NAME
public static final byte USER_NAME- See Also:
- Constant Field Values
-
-
Constructor Details
-
AccessRequest
protected AccessRequest(Dictionary dictionary, byte identifier, byte[] authenticator, java.util.List<RadiusAttribute> attributes)- Parameters:
dictionary
- custom dictionary to useidentifier
- packet identifierauthenticator
- authenticator for packet, nullableattributes
- list of attributes for packet
-
-
Method Details
-
encodeAuthMechanism
protected abstract AccessRequest encodeAuthMechanism(java.lang.String sharedSecret, byte[] newAuth) throws RadiusPacketExceptionCreate copy of AccessRequest with new authenticator and encoded attributes- Parameters:
sharedSecret
- shared secret that secures the communication with the other Radius server/clientnewAuth
- authenticator to use to encode PAP password, nullable if using different auth protocol- Returns:
- RadiusPacket with new authenticator and encoded attributes
- Throws:
RadiusPacketException
- if invalid or missing attributes
-
copy
- Specified by:
copy
in interfaceMessageAuthSupport<AccessRequest>
- Specified by:
copy
in interfaceRadiusPacket
- Overrides:
copy
in classRadiusRequest
- Returns:
- AccessRequest implementation copy including intermediate/transient values and passwords
-
encodeRequest
AccessRequest overrides this method to generate a randomized authenticator (RFC 2865) and encode required attributes (e.g. User-Password).- Overrides:
encodeRequest
in classRadiusRequest
- Parameters:
sharedSecret
- shared secret that secures the communication with the other Radius server/client- Returns:
- RadiusPacket with new authenticator and encoded attributes
- Throws:
RadiusPacketException
- if invalid or missing attributes
-
verifyAuthMechanism
protected abstract void verifyAuthMechanism(java.lang.String sharedSecret) throws RadiusPacketExceptionVerify packet for specific auth protocols- Parameters:
sharedSecret
- shared secret- Throws:
RadiusPacketException
- if invalid or missing attributes
-
verifyRequest
AccessRequest cannot verify authenticator as they contain random bytes.It can, however, check the User-Password/Challenge attributes are present and attempt decryption, depending on auth protocol.
- Overrides:
verifyRequest
in classRadiusRequest
- Parameters:
sharedSecret
- shared secret, only applicable for PAP- Throws:
RadiusPacketException
- if authenticator check fails
-
create
public static AccessRequest create(Dictionary dictionary, byte identifier, byte[] authenticator, java.util.List<RadiusAttribute> attributes)Create new AccessRequest, tries to identify auth protocol from attributes.- Parameters:
dictionary
- custom dictionary to useidentifier
- packet identifierauthenticator
- authenticator for packet, nullableattributes
- list of attributes for packet, should not be empty or a stub AccessRequest will be returned- Returns:
- AccessRequest auth mechanism-specific implementation
-
random16bytes
protected byte[] random16bytes()
-