com.theorem.radserver3
Class PacketInfo

Object
  PacketInfo

Direct Known Subclasses:

AccountingInfo, AuthInfo, ExtendedInfo, NASInfo, ProxyInfo

public class PacketInfo

extends Object

Class providing information to an implementation class and returning packet information to the RADIUS server.

See Also:

AccountingImpl, ExtendedPacketImpl, SnoopImpl, EncryptImpl

Field Summary

static int	AUTH_LENGTH RADIUS authenticator length (value = 16).
static byte	AUTH_STATE_OBJECT Code to set or get the State attribute object normally set by the AccessImpl class.

Method Summary

void	addProxyTarget(ProxyTarget pt) Add a proxy target to the target tables.
AttributeList	appendResponseAttributes(AttributeList aList) Append response packet attributes.
boolean	cmp(byte[] passwordA, byte[] passwordB) Compare two byte arrays for equality.
byte[]	decode(byte[] password) Decode an encoded password.
byte[]	encode(byte[] password) Encode a plaintext password.
boolean	fromAccountingPort() Determine if this packet arrived from the accounting port and therefore is probably an accounting packet.
boolean	fromAuthenticationPort() Determine if this packet arrived from the authentication port and therefore is probably an authentication packet.
byte[]	getAuthenticator() Get the authenticator's bytes.
DatagramPacket	getDatagram() Get the original datagram for this packet.
byte[]	getDecodedUserPassword() Get the decoded password from the User_Password attribute.
String	getHostRealm() Get our own RADIUS server's realm Returns the realm of our own server which is useful in transparently directing packets to the local host in spite if what their realms might say.
int	getMaximumPacketSize() Get the maximum RADIUS packet size.
int	getMessageID() Get the packet Identifier (message ID).
Object	getModule(String moduleName, Object obj) Retrieves the module (ModuleRegister) object.
String	getName() Return the User-Name attribute value stripped of any realm information.
NAS	getNAS() Get the current NAS, if it's defined.
int	getPacketID() Get the packet ID number.
String	getPacketTypeName(int packetType) Get the name of a packet type.
String	getPrefix() Return the prefix to the User-Name attribute.
ProxyClient	getProxyClient(boolean response, int radiusPacketType, AttributeList attrList, Object proxyStateObject) Create a client to send a particular packet to a realm.
int	getProxyStateAttributesLength() Get Proxy-State's attributes length.
ProxyTarget	getProxyTargetByRealm(String realm) Get a proxy target by realm.
ProxyTarget[]	getProxyTargets() Get the list of proxy targets.
RADIUSServer	getRADIUSServer() Get the server object.
String	getRealm() Return the realm portion of the User-Name.
Realm	getRealmInfo(String realmName) Return realm information.
String[]	getRealmList() Return a list of the proxy realms.
AttributeList	getRequestAttributeList() Get an attribute list
Attribute[]	getRequestAttributes() Get an array of Attributes
int	getRequestType() Get the request packet type
String	getRequestTypeName() Get the name of the request packet type.
AttributeList	getResponseAttributeList() Get return attributes.
int	getResponseType() Get the response packet type
String	getResponseTypeName() Get the name of the response packet type.
byte[]	getSecret() Get the shared secret for this NAS.
String	getServerName() Get the server's name.
InetAddress	getSourceAddress() Get the packet's source IP address.
int	getSourcePort() Get the packet's source UDP port.
Object	getStateObject(byte code) Get the persistent State attribute object from the request attribute list.
String	getUserName() Get the User-Name attribute value if available.
byte[]	getUserPassword() Get the encoded password from the User_Password attribute.
void	removeProxyTarget(String targetName) Remove a proxy target form the target tables This may be called at any time, before or after starting the server.
void	sendV2Trap(String msg) Send a SNMP V2 trap message.
void	setResponseAttributes(Attribute[] aList) Set response packet attributes.
void	setResponseAttributes(AttributeList aList) Set response packet attributes.
void	setResponseType(int responseType) Set the response packet type.
void	setStateObject(byte code, Object o) Set the persistent State object and create a State attribute tracking the object.
void	translateProxyId(boolean enable) Force this proxy server to appear to be the actual client instead of the original client.
byte[]	trim(byte[] password) Trim a decoded password of trailing zeroed bytes.

Methods inherited from class Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

AUTH_LENGTH

public static final int AUTH_LENGTH

RADIUS authenticator length (value = 16).

See Also:

Constant Field Values

AUTH_STATE_OBJECT

public static final byte AUTH_STATE_OBJECT

Code to set or get the State attribute object normally set by the AccessImpl class. This can be used by the ProxyImpl & other implementation classes to access State attribute object.

See Also:

Constant Field Values

Method Detail

addProxyTarget

public void addProxyTarget(ProxyTarget pt)
                    throws RADIUSServerException

Add a proxy target to the target tables. Used to provide proxy service to other RADIUS servers. This may be called at any time, before or after starting the server. A NAS entry is automatically built for each proxy target.

Parameters:

pt - proxy target information.

Throws:

RADIUSServerException - if the proxy target name or address is missing.

See Also:

ProxyTarget

appendResponseAttributes

public final AttributeList appendResponseAttributes(AttributeList aList)

Append response packet attributes. If there is no existing response attribute list it will be created.

Parameters:

aList - AttributeList to append.

cmp

public final boolean cmp(byte[] passwordA,
                         byte[] passwordB)

Compare two byte arrays for equality. Used to compare a pair of encoded or decoded passwords.

Parameters:

passwordA - Password to compare.

passwordB - Password to compare.

Returns:

True if the bytes matched.

decode

public final byte[] decode(byte[] password)

Decode an encoded password.

Parameters:

password - Encoded password;

Returns:

plaintext password to a maximum of 128 characters. Null is returned if the password is null.

encode

public final byte[] encode(byte[] password)

Encode a plaintext password.

Parameters:

password - Encoded password;

Returns:

plaintext password to a maximum of 128 characters. Null is returned if the password is null.

fromAccountingPort

public boolean fromAccountingPort()

Determine if this packet arrived from the accounting port and therefore is probably an accounting packet.

Returns:

true if the packet arrived on the cccounting port.

Since:

3.21d

fromAuthenticationPort

public boolean fromAuthenticationPort()

Determine if this packet arrived from the authentication port and therefore is probably an authentication packet.

Returns:

true if the packet arrived on the authentication port.

Since:

3.21d

getAuthenticator

public final byte[] getAuthenticator()

Get the authenticator's bytes.

Returns:

authenticator's byte array (16 bytes)

getDatagram

public final DatagramPacket getDatagram()

Get the original datagram for this packet.

Returns:

datagram

getDecodedUserPassword

public final byte[] getDecodedUserPassword()

Get the decoded password from the User_Password attribute. The password will not be decoded correctly if the shared secret is incorrect.

Returns:

Decoded password. Returns null if it wasn't found among the attributes or the length was incorrect. The decoded password will be padded with nulls which might interfere with a comparison with a simple byte array of a real password.

See Also:

trim()

getHostRealm

public String getHostRealm()

Get our own RADIUS server's realm Returns the realm of our own server which is useful in transparently directing packets to the local host in spite if what their realms might say.

Returns:

the current hosts's realm name.

getMaximumPacketSize

public int getMaximumPacketSize()

Get the maximum RADIUS packet size.

Returns:

current RADIUS maximum packet size.

getMessageID

public int getMessageID()

Get the packet Identifier (message ID).

Returns:

Message ID

getModule

public Object getModule(String moduleName,
                        Object obj)
                           throws RADIUSServerException

Retrieves the module (ModuleRegister) object.

For example, if you have a module called TEST use TEST t = ((TEST) getModule().test);

Parameters:

moduleName - Name of the module (e.g. "TEST").

obj - Constructor argument or null if the default constructor is to be used.

Returns:

the instantiated module or null if no such module exists.

Throws:

RADIUSServerException - if the module exists but doesn't have the correct constructor.

getName

public final String getName()

Return the User-Name attribute value stripped of any realm information. E.g. if User-Name is somebody@somewhere.com only somebody is returned.

Returns:

User-Name value stripped of any realm information or an empty string if no User-Name is present.

See Also:

getRealm(), getUserName()

getNAS

public final NAS getNAS()

Get the current NAS, if it's defined.

Returns:

Current NAS object.

getPacketID

public final int getPacketID()

Get the packet ID number.

Returns:

packet ID.

getPacketTypeName

public final String getPacketTypeName(int packetType)

Get the name of a packet type.

Parameters:

packetType - Packet type.

Returns:

Name of packet type.

getPrefix

public final String getPrefix()

Return the prefix to the User-Name attribute. E.g. if User-Name is xny556/somebody@somewhere.com only xny556 is returned.

Returns:

tThe prefix value or an empty string if no User-Name or prefix is present.

See Also:

getRealm(), getUserName()

getProxyClient

public ProxyClient getProxyClient(boolean response,
                                  int radiusPacketType,
                                  AttributeList attrList,
                                  Object proxyStateObject)
                           throws RADIUSServerException,
                                  AccessDropException

Create a client to send a particular packet to a realm. One must be created for each realm and packet.

The packet containing the given attributes will be sent to a realm. This method allows separate packets to be sent to other servers for redundency (in the case of accounting) or for fail-over retries in the ProxyImpl class.

Parameters:

response - Set to true if this is a response packet like Access-Accept, Access-Challenge, or false if it's a request like Accounting-Request or Access-Request.

radiusPacketType - The type of packet, for example Access-Accept.

attrList - Attribute list to be attached to the packet.

proxyStateObject - The Object to be attached to proxy state. See setProxyStateObject().

Throws:

RADIUSServerException - if the packet type is unknown or the realm is unknown.

AccessDropException - if the realm is unknown. Generally this will be caught earlier by the RADIUSServerException. It is possible for this to be thrown if there's a race condition between sending the packet and removing the realm.

For an example see ProxyImpl/ProxyFailover.java and it's associated class ProxyImpl/ProxyPacketTimeout.java.

Since:

3.22

See Also:

ProxyClient

getProxyStateAttributesLength

public int getProxyStateAttributesLength()

Get Proxy-State's attributes length. Returns the byte length of all Proxy-State attributes.

Returns:

Proxy-State attributes total length.

getProxyTargetByRealm

public ProxyTarget getProxyTargetByRealm(String realm)

Get a proxy target by realm.

This method searches all the proxy target primary names and their synonyms. If a ProxyTarget has an empty string for a synonym it will match empty realms (no realm information). Normally the the local server will handle empty realms. If more than one ProxyTarget has an empty synonym the results are unpredicatable.

If you are using the ProxyInfo.setTransparentProxy() method use getHostRealm() to force the local server to handle the packet.

Parameters:

realm - The realm, usually from the User-Name attribute.

Returns:

ProxyTarget or null if there are no matches for the realm or the packet is for the local server.

Since:

3.22

getProxyTargets

public ProxyTarget[] getProxyTargets()

Get the list of proxy targets.

Returns:

list of proxy targets.

Since:

3.22

getRADIUSServer

public RADIUSServer getRADIUSServer()

Get the server object. Any server methods may be invoked.

Returns:

RADIUSServer object.

See Also:

RADIUSServer

getRealm

public final String getRealm()

Return the realm portion of the User-Name. E.g. if User-Name is somebody@somewhere.com only somewhere.com is returned.

Returns:

User-Name value stripped of any realm information. If there is no realm information an empty string is returned.

See Also:

getName(), getUserName()

getRealmInfo

public Realm getRealmInfo(String realmName)
                   throws RADIUSServerException

Return realm information.

Parameters:

realmName - Realm name (a.k.a. Proxy target).

Returns:

Realm object.

Throws:

RADUSServerException - if the realm cannot be found.

RADIUSServerException

getRealmList

public String[] getRealmList()

Return a list of the proxy realms.

Returns:

String array of realms (proxy target) names.

getRequestAttributeList

public final AttributeList getRequestAttributeList()

Get an attribute list

Returns:

AttributeList of attributes.

See Also:

getRequestAttributes(), setResponseAttributes(com.theorem.radserver3.AttributeList)

getRequestAttributes

public final Attribute[] getRequestAttributes()

Get an array of Attributes

Returns:

an array of attributes.

See Also:

getRequestAttributeList(), setResponseAttributes(com.theorem.radserver3.AttributeList)

getRequestType

public final int getRequestType()

Get the request packet type

getRequestTypeName

public final String getRequestTypeName()

Get the name of the request packet type.

Returns:

Name of the request packet type.

getResponseAttributeList

public final AttributeList getResponseAttributeList()

Get return attributes.

Returns:

Response packet attributes.

getResponseType

public final int getResponseType()

Get the response packet type

Since:

3.25

getResponseTypeName

public final String getResponseTypeName()

Get the name of the response packet type.

Returns:

Name of the response packet type.

Since:

3.25

getSecret

public final byte[] getSecret()

Get the shared secret for this NAS.

Returns:

secret

getServerName

public String getServerName()

Get the server's name.

Returns:

Server name.

getSourceAddress

public InetAddress getSourceAddress()

Get the packet's source IP address.

Returns:

Source address.

getSourcePort

public int getSourcePort()

Get the packet's source UDP port.

Returns:

Source UDP port.

getStateObject

public Object getStateObject(byte code)

Get the persistent State attribute object from the request attribute list. This call is used internally but may be used externally by choosing codes greater than 127 (negative byte values).

Parameters:

code - Code for the particular type of state object to retrieve.

Returns:

State related object. Return null if no State attribute found or no object is related to the State.

Since:

3.21g

getUserName

public final String getUserName()

Get the User-Name attribute value if available. This is the raw User-Name value with possible proxy realm information.

Returns:

User-Name attribute, or null if unavailable.

See Also:

getRealm(), getName()

getUserPassword

public final byte[] getUserPassword()

Get the encoded password from the User_Password attribute.

Returns:

Encoded password or null if it wasn't found among the attributes.

removeProxyTarget

public void removeProxyTarget(String targetName)
                       throws RADIUSServerException

Remove a proxy target form the target tables This may be called at any time, before or after starting the server. This also removes the NAS entry for this target.

Parameters:

targetName - name of the target to remove.

Throws:

RADIUSServerException - if SNMP isn't set up.

sendV2Trap

public void sendV2Trap(String msg)

Send a SNMP V2 trap message.

Parameters:

msg - Message.

setResponseAttributes

public final void setResponseAttributes(Attribute[] aList)

Set response packet attributes.

Parameters:

aList - Attribute array to return.

setResponseAttributes

public final void setResponseAttributes(AttributeList aList)

Set response packet attributes. Existing attributes will be overwritten.

Parameters:

aList - AttributeList to return.

setResponseType

public final void setResponseType(int responseType)

Set the response packet type.

Parameters:

responseType - Reply packet type (e.g. Resource Query Response).

setStateObject

public void setStateObject(byte code,
                           Object o)

Set the persistent State object and create a State attribute tracking the object.

This is used to associate a State attribute with some locally held information. For example the expected EAP data like the identifier, perhaps the original MD5 challenge, and the anticipated EAP type the client must send. This call is generally for internal use where the code is known.

Parameters:

code - Code for this object.

o - Object object to persist.

Since:

3.21g

See Also:

RADIUSServer.setStateTTL(), getStateObject(byte code)

translateProxyId

public void translateProxyId(boolean enable)

Force this proxy server to appear to be the actual client instead of the original client. This affects the NAS-IP-Address and the NAS-Identifier attribute values if they exist. If the packet is actually proxied to another host the NAS-Idenfier and NAS-IP-Address will use this server's values. The session's version will revert to the global value set in the server when the session is complete.

The default action is to use the value set in the server. The default action the server takes is to use the actual client's NAS-IP-Address and NAS-Identifier attribute values.

Parameters:

enable - Use true to enable proxy ID translation, false to disable it.

See Also:

RADIUSServer.translateProxyId(boolean)

trim

public final byte[] trim(byte[] password)

Trim a decoded password of trailing zeroed bytes. A decoded password may be padded with empty bytes. This removes the trailing padding.

Parameters:

password - Password to be trimmed.

Returns:

Trimmed password.