javaradius_基于RSAsecurID的Radius⼆次验证java实现
(PAP验证⽅式)
基于rsa SecurID的⼆次验证。RSA server⾃⾝可以作为Radius服务器,RSA也可以和其他的软件集合,使⽤其他的server作为Radius 服务器。
radius的验证的⼀般流程如下图:
⽤java实现的主要代码实现如下(需要导⼊radius相关jar包,主要为radiusclient3.jar):
①radius第⼀次验证, RADIUSClient的4个参数分别为server ip,port,Radius的密钥,radius输⼊超时时间. authenticate的username和password即为所需要验证的⽤户.
1 RADIUSClient r = null;
2 int nResult = 0; r = new RADIUSClient("ip", port , "secret" , radius_soctet_timeout);3
r.setDebug(true);4 AttributeList aList = newAttributeList();5 aList.addAttribute(Attribute.NAS_Port, 1);6 nResult =
r.authenticate(username, password, aList);
②跟据返回的nResult进⾏判断.代码中的数字3代表access_reject, 数字0代表access_badpacket, 数字11代表access_challenge, 数字2代表access_accept.
当遇到access_challenge时,有两种情况,⼀只是需要new pin(new pin的情况相对复杂⼀点), 另⼀种是需要next token.另外,这个Attribute.State属性是⼀直要继承的,⽤来区分
是否是我们需要的那⼀次验证(如代码25, 26⾏,就把state带⼊下⼀次验证,⽤来验证识别).
1 switch(nResult) {radius软件
2 case3:
3 try{
4 AttributeList response =r.getAttributes();
5 AttributeList state
=AttributeList(Attribute.State);6 }7 catch(Exception e){8
9 }10
11 break;12 case0:13
14 break;15 case11:16 AttributeList response =r.getAttributes();17 AttributeList state
=AttributeList(Attribute.State);set();19 System.out.println(":");20 Scanner sa =
newScanner(System.in);21 String sl =sa.next();22 String mima = sl + "";23 AttributeList attList = newAttributeList();24 attList.addAttribute(Attribute.NAS_Port, 1);Attributes(state);26 nResult =r.authenticate(username, mima, attList);27 System.out.PacketType());28 System.
out.println("r.getErrorString():" +r.getErrorString());29 System.out.println("Second nResult:" +nResult);30 if(nResult ==11){31 AttributeList rresponse =r.getAttributes();32   AttributeList sstate =AttributeList(Attribute.State);set();34   System.out.println("re new pins");35   Scanner ssa = newScanner(System.in);36   String ssl =();37   String renewpin = ssl + "";38
System.out.println(renewpin);39   AttributeList aattList = newAttributeList();40   
aattList.addAttribute(Attribute.NAS_Port, 1);Attributes(sstate);42   nResult =r.authenticate(username, renewpin, aattList);43 System.out.PacketType());44   System.out.println("r.getErrorString():"
+r.getErrorString());4546   if (nResult ==11){47     AttributeList rrresponse =r.getAttributes();48     AttributeList ssstate =AttributeList(Attribute.State);set();50    System.out.println("posscode");51    Scanner ressa = newScanner(System.in);52     String ressl =();53      String passcode = ressl + "";54      AttributeList reaattList = newAttributeList();55     reaattList.addAttribute(Attribute.NAS_Port, 1);56     nResult =r.authenticate(username, passcode, reaattList);57 System.out.PacketType());58     System.out.println("r.getErrorString():" +r.ge
tErrorString());59     System.out.println("nResult:" +nResult);60       if (nResult ==2){61       return"AUTH SUCCESS";62 }63 }64 }65 if (nResult ==2){66 return"AUTH SUCCESS";67 }68 case2:69
70 return"AUTH SUCCESS";71 default:72
73 break;74 }75 return "AUTH FAILURE";

版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。