RADIUS Server, RADIUS Client and TACACS+ Client APIs

Home

Search

Prices & Ordering

Support

RADIUS Server

RADIUS Client

TACACS+ Client

Other Java Software

Company

Contact

Privacy

Disclaimer

Version 4 update:

The long awaited version 4 of the AXL Software RADIUS Server is in the beta testing phase. The TLS module has been completed allowing encoded wireless (802.1) authentication to proceed.

US customers who already have the V3 server are invited to request the V4 system for testing.

The following EAP authentication protocols are supported:

  • EAP-PEAP
  • EAP-TLS
  • EAP-MD5
  • EAP-LEAP
  • EAP-GTC
  • EAP-MSCHAPV2
  • EAP-TTLS

EAP-TTLS tunneled authentication methods:

  • PAP
  • CHAP
  • MSCHAP
  • MSCHAPV2
  • EAP-GTC
  • EAP-MD5

Some of the API has changed significantly. Some server and client code written for version 3 will not be compatible with version 4.

The server's package is now com.axlradius.radserver4.

Some methods have been removed (almost all were redundant or deprecated in Version 3). A list of changes and substitutions will be provided.

AttributeName, AttributeDataType, Ascend, Wispr have been removed. (Ascend and Wispr are available using the Dictionary classes). The BD(Basic Dictionary) class replaces AV (Attribute Value). AV remains as a front end to BD.

The SnoopImpl and EncryptImp implementations have been removed.

Most authentication classes have moved to the package com.axlradius.radserver4.auth. There are subpackages for Digest authentication, and most importantly EAP. EAP is futher divide into the EAP methods like GTC, LEAP, MSCHAPV2, TLS. TLS is futher divided into PEAP and TTLS.

The TLS support is currently limited to RSA signatures. Clients may or may not be required to have their own certificates. Clients must share the root certificate with the server. CRL's are not quite supported yet. DSS support is present but untested.

The server uses a Keystore to hold the certificates. One is the root certificate, the other is the server's certificate chain (less the root certificate). The client uses the same structure.

EAP handling has improved considerably both for the client and server.

SNMP support is being withdrawn (but the SNMP statistics are still kept and remain available through the API). The SNMP agent providing the SMNP protocol is being left out for a while.

The example server now automatically determines the authentiation type for the request and processes it accordingly.

 

TOP