The AttibuteList class handles the attributes and their conversions from Java types to RADIUS types and back.
There are two constructors, one that takes a list of Attribute classes and converts them to an AttributeList and a default constructor that creates an empty list.
All attributes are added using various of AttributeList.addAttribute(). There are methods for adding strings, bytes, IP addresses, integers, time (Date), Vendor-Specific, and Attributes. Here are some examples:
AttributeList aList = new AttributeList();
// Add an IP address.
aList.addAttribute(Attribute.NAS_IP_Address, InetAddress.getByName("192.168.1.1"));
// Add a string.
aList.addAttribute(Attribute.NAS_Identifier, "NAS001");
// Add an integer.
aList.addAttribute(Attribute.NAS_Port, 3);
// Add a known value.
aList.addAttribute(Attribute.Acct_Status_Type, AV.Acct_Status_Type.Start);
// Add a byte array
byte userName[] = "michael".getBytes();
aList.addAttribute(Attribute.User_Name, userName);
//Add the current time.
//The date will be stored as seconds from the epoch.
aList.addAttribute(Attribute.Event_Timestamp, new Date());
// A tunnel tag attribute:
aList.addAttribute(Attribute.Tunnel-Type, 0, AV.Tunnel_Type.L2F);
In the RADIUS server authentication and accounting implementations attributes are
returned using the AuthInfo.setResponseAttributes() and AccountingInfo.setResponseAttributes()
methods respectively. The RADIUSClient passes the AttributeList class as an argument
to the RADIUSClient.authenticate() and RADIUSClient.account()
methods.
Note: that when the RFC's use the word String
it does not necessarily mean a Java string. It can mean an octet string,
especially in attributes like CHAP-Password. The default encoding is UTF-8 for
strings. Using this to encode a binary value will probably lead to unexpected results.
In the RADIUS server authentication or accounting implementations the request
attributes are available by calling the AuthInfo.getRequestAttributeList()
method and AccountingInfo.getRequestAttributeList() respectively. The
RADIUSClient uses the RADIUSClient.getAttributes() to acquire the AttributeList.
In many cases more than one of the same attribute may be present, for example State and Vendor-Specific, and Reply-Message. Therefore there are several methods that get all of the attributes of a particular type. Attribute data or actual Attributes can be retrieved.
Examples:
// Get the attribute list from AuthInfo
public void authenticate(AuthInfo auth)
throws AccessRejectException, AccessDropException
{
AttributeList inList = auth.getRequestAttributeList();
// Get all the Vendor-Specific attributes.
AttributeList vbl = inList.getAttributeList(Attribute.Vendor_Specific);
for (Enumeration e = vbl.elements(); e.hasMoreElements) {
// Look for a particular Vendor.
VendorSpecific vs = new VendorSpecific((Attribute)e.nextElement());
if (vs.getVendorId() == Cisco.VendorID)
...
}
// Get all Vendor-Specific for a particular vendor:
VendorSpecific vsl[] = inList.getVendorSpecific(Microsoft.VENDORID);
// Get an integer. These have to be checked for existence since
// There are no bad integer returns (if missing it returns 0).
if (inList.exists(Attribute.NAS_Port)) {
int nasPort = inList.getInt(Attribute.NAS_Port);
}
// Get a string.
String callingStation = inList.getStringAttribute(Attribute.Calling_Station_Id);
if (callingStation != null) {
...
}
// Get an IP address.
InetAddress nasIP = inList.getIPAttribute(Attribute.NAS_IP_Address);
if (nasIP != null) {
...
}
// Get a binary attribute.
byte cp[] = inList.getBinaryAttribute(Attribute.CHAP_Challenge);
if (cp != null) {
...
}
// Get all binary attributes for a given type.
byte state[][] = inList.getAllBinaryAttributes(Attribute.State);
if (state != null) {
for (int i = 0; i < state.length; i++) {
System.out.println("State " + i + ": " + AttributeList.toHexString(state[i]));
}
}
//Get all attributes of a certain type:
Attribute al[] = inList.getAttributes(Attribute.EAP_Message);
// or
AttributeList zList = inList.getAttributeList(Attribute.EAP_Message);
}
Other methods allow merging of AttributeLists, arrays of Attributes, deleting attributes, and counting attributes. The toString() method displays the entire AttributeList in a human readable form.