The digest authentication method is taken from RADIUS 'Extension for Digest Authentication' as described in the document draft-sterman-aaa-sip-00.txt. This draft has expired but non-the-less is the de-facto standard for SIP and HTTP authentication using RADIUS.
There are a number of fields associated with the authentication method which are described in section 2.2 'Digest-Attributes attribute'. These field values should be checked for valid access which is outside the scope of the server.
The server side authentication use the class com.theorem.radserver3.auth.server.DigestAuthentication. It allows access to all fields for validity checks of, for example, the URI and User-Name using the java.util.Properties class to extract the fields by their names as described in the draft definition.
The code to perform this authentication follows:
public void authenticate(AuthInfo auth) throws AccessRejectException, AccessDropException
{
...
DigestAuthentication das = new DigestAuthentication(auth);
// Do some checking of the properties if you like.
// Not much is done in this example.
Properties digestProps = das.getProperties();
String method = digestProps.getProperty("Method", "");
if (method.equals("INVITE"))
auth.getRADIUSServer().debugLog("Found an INVITE");
// Authenticate.
result = das.process(passwordBytes);
if (result == true)
auth.setAccessAccept();
else
auth.setAccessReject();
}
The client side can use something like this:
// Create some common attributes required for authentication. AttributeList common = new AttributeList();
common.addAttribute(Attribute.User_Name, "digest");
common.addAttribute(Attribute.NAS_Identifier, "DigestClient"); // Create the client using an open RADIUSClient (rc).
ClientDigest cda = new ClientDigest(rc, common); // Set the various elements.
cda.setRealm("deltathree");
cda.setNonce("3bada1a0");
cda.setMethod("INVITE");
cda.setURI("sip:97226491335@213.137.69.38");
cda.setAlgorithm("md5");
cda.setUserName("12345678");
cda.setResponse("939044714f373240de9fdc67fc61ab68"); // Run the authentication and check the results.
int result = cda.authenticate();
System.out.println("Returned result " + new PacketType().getName(result));
System.out.println("Attributes:\n" + rc.getAttributes());