radius java_Java处理Radius access-challenge

最近使用 RSA Authentication Manager，并且与其自带的Radius server整合， RSA的Radius server 配置不太透明，目前只配成功了PAP方式的验证，CHAP目前不成功。

RSA Radius在token输错3次后有要求用户输入next token的安全设置方式，开始不知道java如何处理，后来查了一些资料，Radius协议本身是无状态的，客户端第二次next token

的request需要跟上前一次response中的state才能让服务器识别出这个session，跟http 的 session是一个意思。

// next token new request send

AttributeList response = r.getAttributes();

AttributeList state = response.getAttributeList(Attribute.State);

System.out.println(">>>>>>>Response state:" + state);

System.out.println("next Token");

Scanner sa = new Scanner(System.in);

String sl = sa.next();

String mima = sl + "";

System.out.println(mima);

AttributeList attList = new AttributeList();

attList.addAttribute(Attribute.NAS_Port, 1);

attList.mergeAttributes(state);

int nResul = r.authenticate("ryan", mima, attList);

注意这个

r.authenticate("ryan", mima, attList);

处理的是PAP格式的请求。

First Token

17507862

>>>>>>>>>>>>>>>>>>>authenticate.

<81> ------------------- Request Packet -----------------

<81> Address: 10.207.67.63:1812 Packet Length: 50 Type: Access-Request(1)

01 51 00 32 77 98 1B F0 - C0 39 C4 41 A0 6D BF 7A .Q.2w... - .9.A.m.z

55 0D D5 F6 05 06 00 00 - 00 01 01 06 72 79 61 6E U....... - ....ryan

02 12 98 8C D9 43 C5 7E - 34 C2 E5 3A F5 31 21 4A .....C.~ - 4..:.1!J

13 78 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 .x...... - ........

Attributes:

NAS-Port (5), Length: 6, Data: [# 1], 0x00000001

User-Name (1), Length: 6, Data: [ryan], [# 1920557422] / [IP 114.121.97.110], 0x7279616E

User-Password (2), Length: 18, Data: 0x988CD943C57E34C2E53AF531214A1378

<81> ---------------------------------------------------

<81> ------------------- Response Packet -----------------

<81> Address: 10.207.67.63:1812 Packet Length: 88 Type: Access-Challenge(11)

0B 51 00 58 69 D2 A0 52 - C1 EC FC 7D 71 AA 91 42 .Q.Xi..R - ...}q..B

65 6E 4D 17 4C 06 00 00 - 00 00 12 30 0D 0A 50 6C enM.L... - ...0..Pl

65 61 73 65 20 45 6E 74 - 65 72 20 74 68 65 20 4E ease Ent - er the N

65 78 74 20 43 6F 64 65 - 20 66 72 6F 6D 20 59 6F ext Code - from Yo

75 72 20 54 6F 6B 65 6E - 3A 00 18 0E 53 42 52 2D ur Token - :...SBR-

43 48 20 34 36 7C 31 00 - 00 00 00 00 00 00 00 00 CH 46|1. - ........

Attributes:

Prompt (76), Length: 6, Data: [# 0], 0x00000000

Reply-Message (18), Length: 48, Data: 0x0D0A506C6561736520456E74657220746865204E65787420436F64652066726F6D20596F757220546F6B656E3A00

State (24), Length: 14, Data: 0x5342522D43482034367C3100

<81> ---------------------------------------------------

>>>>>>>Response Result:11

>>>>>>>Response state:State (24), Length: 14, Data: 0x5342522D43482034367C3100

next Token

77340845

<100> ------------------- Request Packet -----------------

<100> Address: 10.207.67.63:1812 Packet Length: 64 Type: Access-Request(1)

01 64 00 40 41 73 2F F7 - 74 13 A4 3D 98 76 58 84 .d.@As/. - t..=.vX.

9C 8B 5A D3 05 06 00 00 - 00 01 18 0E 53 42 52 2D ..Z..... - ....SBR-

43 48 20 34 36 7C 31 00 - 01 06 72 79 61 6E 02 12 CH 46|1. - ..ryan..

A5 1C 73 E3 60 F0 57 21 - 39 9E 8A EA 8D BB 3C EA ..s.`.W! - 9.....<.>

Attributes:

NAS-Port (5), Length: 6, Data: [# 1], 0x00000001

State (24), Length: 14, Data: 0x5342522D43482034367C3100

User-Name (1), Length: 6, Data: [ryan], [# 1920557422] / [IP 114.121.97.110], 0x7279616E

User-Password (2), Length: 18, Data: 0xA51C73E360F05721399E8AEA8DBB3CEA

<100> ---------------------------------------------------

<100> ------------------- Response Packet -----------------

<100> Address: 10.207.67.63:1812 Packet Length: 86 Type: Access-Accept(2)

02 64 00 56 E5 63 66 C1 - 9F 85 75 47 09 97 CE AB .d.V.cf. - ..uG....

8A 7A 19 C4 19 37 53 42 - 52 32 43 4C 81 ED 94 D1 .z...7SB - R2CL....

C8 E6 EA DE 8B 80 11 80 - 22 01 80 03 81 98 CE 80 ........ - ".......

02 80 05 81 B9 9E AC 96 - F0 12 80 0E 81 81 ED 94 ........ - ........

D1 C8 E6 EA DE 8B 80 80 - 80 84 9C 01 0B 55 73 65 ........ - .....Use

72 2D 4E 61 6D 65 00 00 - 00 00 00 00 00 00 00 00 r-Name.. - ........

Attributes:

Class (25), Length: 55, Data: 0x53425232434C81ED94D1C8E6EADE8B801180220180038198CE8002800581B99EAC96F012800E8181ED94D1C8E6EADE8B808080849C

User-Name (1), Length: 11, Data: [User-Name], 0x557365722D4E616D65

<100> ---------------------------------------------------

>>>>>>>>>>>>>>>>>>>authenticate again.

r.getErrorString():No Error (0)

Second nResult:2

Second nResult:Access-Accept

Final return:0

radius java_Java处理Radius access-challenge相关推荐

zemax---GEO Radius and RMS Radius
zemax---GEO Radius and RMS Radius GEO Radius RMS Radius GEO Radius 不知道有没有小伙伴遇到了和我一样的疑惑,在zemax中,我们总是会 ...
Radware Alteon Radius认证+Windows Radius server
本篇文章介绍下Radware Alteon结合Windows Radius server的radius认证,Alteon上的配置很简单,主要是Radius服务器上的配置需要填写相应的厂商指定属性. 在 ...
授权使用服务器协议,RADIUS服务器使用RADIUS协议完成对用户主机的认证、授权和计费时,RADIUS协议工作流程如下:(a)用户 - 赏学吧...
RADIUS服务器使用RADIUS协议完成对用户主机的认证.授权和计费时,RADIUS协议工作流程如下: (a)用户使用ADSL拨号上网: (b)BRAS从用户处获取用户名和口令,将其与用户其他信息( ...
php radius类,PHP Radius Search
问题 I'm going to build an app where the users can see points of interest in a predefined radius aroun ...
【转】浅谈Radius协议
浅谈Radius协议 2013-12-03 16:06 5791人阅读评论(0) 收藏举报分类: Radius协议分析(6) 从事Radius协议开发有段时间了,小弟不怕才疏学浅,卖弄一下, ...
转：浅谈Radius协议 -来自CSDN：http://blog.csdn.net/wangpengqi/article/details/17097221
浅谈Radius协议 2013-12-03 16:06 5791人阅读评论(0) 收藏举报分类: Radius协议分析(6) 从事Radius协议开发有段时间了,小弟不怕才疏学浅,卖弄一下, ...
Radius/Free Radius/Diameter协议
RADIUS( Remote Access Dial In User Service) Protocol主要用来提供认证(Authentication)机制,用来辨认使用者的身份与密码,确认通过之后, ...
华为H3C交换机+Radius+mysql Radius认证认证方案，嵌入式客户端代码，配置(上：认证方案)
最近做的一个嵌入式Radius认证方案,分上中下,上:认证方案,中:嵌入式客户端代码下:交换机和Radius配置技术交流:1532709892@qq.com (一)Radius认证方案说明: 当交 ...
华为H3C交换机+Radius+mysql Radius认证认证方案，嵌入式客户端代码，配置(上：认证方案)
转载 EZcast (一)Radius认证方案说明: 当交换机设置成需要认证模式,交换机只允许认证协议包通过交换机,其他网络数据包不允许通过,直到认证通过,交换机开放端口. Radius认证方案是一个 ...

radius java_Java处理Radius access-challenge

radius java_Java处理Radius access-challenge相关推荐

最新文章

热门文章