Java处理Radius access-challenge

最近使用 RSA Authentication Manager, 并且与其自带的Radius server整合,
RSA的Radius server 配置不太透明, 目前只配成功了PAP方式的验证,CHAP目前不成功。

RSA Radius在token输错3次后有要求用户输入next token的安全设置方式,
开始不知道java如何处理,后来查了一些资料,Radius协议本身是无状态的,客户端第二次next token

的request需要跟上前一次response中的state才能让服务器识别出这个session,跟http 的 session是一个意思。

?





1

2

3

4

5

6

7

8

9

10

11

12

13

14

// next token new request send

                    AttributeList response = r.getAttributes();

                    <span style="color: rgb(255, 0, 0);">AttributeList state = response.getAttributeList(Attribute.State);</span>

                    System.out.println(">>>>>>>Response state:"
+ state);

                    System.out.println("next Token");

                    Scanner sa = new
Scanner(System.in);

                    String sl = sa.next();

                    String mima = sl + "";

                    System.out.println(mima);

                    AttributeList attList = new
AttributeList();

                    attList.addAttribute(Attribute.NAS_Port, 1);

                    <span style="color: rgb(255, 0, 0);">attList.mergeAttributes(state);</span>

                    int
nResul = r.authenticate("ryan", mima, attList);

   

注意这个

?





1

r.authenticate("ryan", mima, attList);

处理的是PAP格式的请求。

First Token

17507862

17507862

>>>>>>>>>>>>>>>>>>>authenticate.

<81> ------------------- Request Packet -----------------

<81> Address: 10.207.67.63:1812  Packet Length: 50 Type:
Access-Request(1)

01 51 00 32 77 98 1B F0 - C0 39 C4 41 A0 6D BF 7A   .Q.2w... -
.9.A.m.z

55 0D D5 F6 05 06 00 00 - 00 01 01 06 72 79 61 6E   U....... -
....ryan

02 12 98 8C D9 43 C5 7E - 34 C2 E5 3A F5 31 21 4A   .....C.~ -
4..:.1!J

13 78 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00   .x...... -
........

Attributes:

NAS-Port (5), Length: 6, Data: [# 1], 0x00000001

User-Name (1), Length: 6, Data: [ryan], [# 1920557422] / [IP 114.121.97.110],
0x7279616E

User-Password (2), Length: 18, Data: 0x988CD943C57E34C2E53AF531214A1378

<81> ---------------------------------------------------

<81> ------------------- Response Packet -----------------

<81> Address: 10.207.67.63:1812  Packet Length: 88 Type:
Access-Challenge(11)

0B 51 00 58 69 D2 A0 52 - C1 EC FC 7D 71 AA 91 42   .Q.Xi..R -
...}q..B

65 6E 4D 17 4C 06 00 00 - 00 00 12 30 0D 0A 50 6C   enM.L... -
...0..Pl

65 61 73 65 20 45 6E 74 - 65 72 20 74 68 65 20 4E   ease Ent - er
the N

65 78 74 20 43 6F 64 65 - 20 66 72 6F 6D 20 59 6F   ext Code
-  from Yo

75 72 20 54 6F 6B 65 6E - 3A 00 18 0E 53 42 52 2D   ur Token -
:...SBR-

43 48 20 34 36 7C 31 00 - 00 00 00 00 00 00 00 00   CH 46|1. -
........

Attributes:

Prompt (76), Length: 6, Data: [# 0], 0x00000000

Reply-Message (18), Length: 48, Data:
0x0D0A506C6561736520456E74657220746865204E65787420436F64652066726F6D20596F757220546F6B656E3A00

State (24), Length: 14, Data: 0x5342522D43482034367C3100

<81> ---------------------------------------------------

>>>>>>>Response Result:11

>>>>>>>Response state:State (24), Length: 14, Data:
0x5342522D43482034367C3100

next Token

77340845

77340845

<100> ------------------- Request Packet -----------------

<100> Address: 10.207.67.63:1812  Packet Length: 64 Type:
Access-Request(1)

01 64 00 40 41 73 2F F7 - 74 13 A4 3D 98 76 58 84   [email protected]/.
- t..=.vX.

9C 8B 5A D3 05 06 00 00 - 00 01 18 0E 53 42 52 2D   ..Z..... -
....SBR-

43 48 20 34 36 7C 31 00 - 01 06 72 79 61 6E 02 12   CH 46|1. -
..ryan..

A5 1C 73 E3 60 F0 57 21 - 39 9E 8A EA 8D BB 3C EA   ..s.`.W! -
9.....<.

Attributes:

NAS-Port (5), Length: 6, Data: [# 1], 0x00000001

State (24), Length: 14, Data: 0x5342522D43482034367C3100

User-Name (1), Length: 6, Data: [ryan], [# 1920557422] / [IP 114.121.97.110],
0x7279616E

User-Password (2), Length: 18, Data: 0xA51C73E360F05721399E8AEA8DBB3CEA

<100> ---------------------------------------------------

<100> ------------------- Response Packet -----------------

<100> Address: 10.207.67.63:1812  Packet Length: 86 Type:
Access-Accept(2)

02 64 00 56 E5 63 66 C1 - 9F 85 75 47 09 97 CE AB   .d.V.cf. -
..uG....

8A 7A 19 C4 19 37 53 42 - 52 32 43 4C 81 ED 94 D1   .z...7SB -
R2CL....

C8 E6 EA DE 8B 80 11 80 - 22 01 80 03 81 98 CE 80   ........ -
".......

02 80 05 81 B9 9E AC 96 - F0 12 80 0E 81 81 ED 94   ........ -
........

D1 C8 E6 EA DE 8B 80 80 - 80 84 9C 01 0B 55 73 65   ........ -
.....Use

72 2D 4E 61 6D 65 00 00 - 00 00 00 00 00 00 00 00   r-Name.. -
........

Attributes:

Class (25), Length: 55, Data:
0x53425232434C81ED94D1C8E6EADE8B801180220180038198CE8002800581B99EAC96F012800E8181ED94D1C8E6EADE8B808080849C

User-Name (1), Length: 11, Data: [User-Name], 0x557365722D4E616D65

<100> ---------------------------------------------------

>>>>>>>>>>>>>>>>>>>authenticate
again.

r.getErrorString():No Error (0)

Second nResult:2

Second nResult:2

Second nResult:Access-Accept

Final return:0

Java处理Radius access-challenge,布布扣,bubuko.com

时间: 2024-11-05 19:02:44

Java处理Radius access-challenge的相关文章

java.sql.SQLException: Access denied for user &#39;jinxin&#39;@&#39;localhost&#39; (using password: YES)

用mybatis和spring整合时出现了一个错误: 我是在IntelliJ IDEA上整合Mybatis和Spring的,运行测试用例出现了如上错误. 红色的马赛克部分是我的名字,问题是,我的数据库里面没有以我名字为用户名的用户.而只有IntelliJIDEA是用我的名字授权的. 网上搜了很多类似的错误处理方法. java.sql.SQLException: Access denied for user 'jinxin'@'localhost' (using password: YES)

Java 连接MS Access数据库

java连接MS Access的两种方式: 1.JDBC-ODBC Java连接Access可以使用MS自带的管理工具-->数据源(ODBC)设置建立连接,这样就不需要导入jar.但是,如此一来程序部署的每个机器上都要进行设置不方面.所以现在不会使用啦. 2.JDBC java也可以和连接其他数据库一样连接MS Access,导入数据库相应的jar包,进行连接. java Access JDBC jar包:Access_JDBC30.jar 具体连接,参考下面代码: 复制代码 1 try { 2

连接mysql时提示java.sql.SQLException: Access denied for user &#39;root&#39;@&#39;DESKTOP-N2B2D9A&#39; (using password: YES)

用root连接mysql时提示:访问被拒绝 检查一下mysql server是否开启,发现后台在运行着..  然后查了一下mysql的用户表,发现root只能运行使用本地ip(localhost或者127.0.0.1)进行连接 解决方法:新开一个权限GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'jeffw' WITH GRANT OPTION; 然后查询一下:select * from user; 新开的root的已经开启权限,

java 错误:Access restriction: The type Resource is not accessible due to restriction on required library

Eclipse 默认把这些受访问限制的API设成了ERROR.只要把Windows-Preferences-Java-Complicer- Errors/Warnings里面的Deprecated and restricted API中的Forbidden references(access rules)选为Warning就可以编译通过. java 错误:Access restriction: The type Resource is not accessible due to restrict

MySQL java连接被拒绝:java.sql.SQLException: Access denied for user &#39;root&#39;@&#39;****&#39; (using password: YES)

java.sql.SQLException: Access denied for user 'root'@'***.**.**.**' (using password: YES) MySQL服务器部署在Linux上,错误中被我隐掉的是我的公网IP. 这是由于"IP为***.**.**.**,名字为root"的用户 没有权限访问数据库 解决办法: 通过Navicat连接数据库,执行下面内容: grant all privileges on *.* to [email protected]

java.sql.SQLException: Access denied for user &#39;&#39;@&#39;localhost&#39; (using password: No)

出错原因: 连接数据库是忘记配username 和 password 了 刚在学hiberbate4,把持久层从纯粹的jdbc改为hiberbate 出现的错误.(原来的是直接读取properties) 解决方法就是在hibernate.cfg.xml加上最后两行(当然其他的也必不可少) 1 <property name="connection.url">jdbc:mysql://localhost:3306/sm</property> 2 <proper

java.sql.SQLException: Access denied for user &#39;root&#39;@&#39;10.10.7.180&#39; (using password: YES)

1.刚开始连接数据库提示是: java.sql.SQLException: Access denied for user 'root'@'10.10.7.180' (using password: NO) 于是,我设置了root的密码:mysqladmin -u root password "newpwd". 注:shell> mysqladmin -u root -h host_name password "newpwd"password后面的双引号不是必须

java.sql.SQLException: Access denied for user &#39;scott&#39;@&#39;localhost&#39; (using password: YES)

今天用eclipse连接一下数据库,出现此异常. java.sql.SQLException: Access denied for user 'scott'@'localhost' (using password: YES) JAVA中链接类 解决办法:发现数据库好久不用,用户的登录密码记错了. java.sql.SQLException: Access denied for user 'scott'@'localhost' (using password: YES)

使用mybatis生成相关文件时java.sql.SQLException: Access denied for user &#39;root&#39;@&#39;localhost&#39; (using password)

问题:使用mybatis生成相关文件时,dos显示java.sql.SQLException: Access denied for user 'root'@'localhost' (using password) 解决方式:1,先检查数据库的配置文件密码是否错误, 2,检查mybatis-generator.xml的密码是否与数据库的密码相等,因为这个文件的密码不会影响到后台的数据,所以最容易被忽略,造成后台数据可以正常读取,而mybatis却不能生成相关的文件. 使用mybatis生成相关文件