com.theorem.radserver3
Class ProxyTarget

Object
  ProxyTarget

public final class ProxyTarget

extends Object

Proxy target class. Sets up the name, InetAddress and ports for a proxy target.

This class configures a proxy (forwarding) server the current server will use to forward packets based on the User-Name attribute's realm.

Multiple realms may be forwarded to this fowarding server by using the setSynonyms() method. The empty realm (and empty string) will forward User-Names without realms to the ProxyTarget having an empty synonym. If there is no empty synonym defined it will be handled by the local server.

Support for Disconnect-Requests and Change of authorization requests has been added as well. A ProxyTarget may permit or deny these messages as well as set the server port for the responses to these requests. The default is to deny these messages.

Some Vendor-Specific attributes use long tags (16 bit) in their sub-attributes. These can be configured on a per-proxy basis using the addLongVendorSpecificTags(int vendorId). This information is used when decoding Vendor-Specific attributes. Please see the example described in the method hasLongVendorSpecificTags(int vendorId).

Incidentally the server may also configured a ProxyTarget. It has no meaningful secret. Please see RADIUSServer.setServerInfo(ProxyTarget pt).

See Also:

addProxyTarget(), removeProxyTarget()

Field Summary

int	acctPort The proxy server accounting port.
int	authPort The proxy server authentication port.
int	dmcoaPort The proxy server DM /COA packet server port.
String	secret The proxy server secret.
InetAddress	targetAddr IP address of the target.
String	targetName Name of the target.

Constructor Summary

ProxyTarget(String targetName, InetAddress targetAddr, int authPort, int acctPort, int dmcoaPort, String secret)
ProxyTarget constructor to create a proxy.

ProxyTarget(String targetName, InetAddress targetAddr, int authPort, int acctPort, String secret)
ProxyTarget constructor to create a proxy.

Method Summary

void	addLongVendorSpecificTags(int vendorId) Enable the reception of long Vendor-Specific attribute tags for this NAS.
boolean	allowCoARequests() Determine if this PT allows CoA forwarding.
boolean	allowDisconnectRequests() Determine if this PT allows DM forwarding.
boolean	containsSynonym(String realm) See if this proxy target handles a particular realm
void	enableCoARequests(boolean enable) Enable a Proxy target to send CoA-Requests.
void	enableDMRequests(boolean enable) Enable a Proxy target to send Disconnect-Requests.
int	getAcctPort() Get the accounting port.
InetAddress	getAddress() Get the Proxy IP address.
int	getAuthPort() Get the authentication port.
int	getDMCOAPort() Get the DM/COA port.
String	getName() Get the name of the forwarding server.
NAS	getNAS() Get the NAS entry for the ProxyTarget.
String	getRealm() Get the Proxy realm name.
String[]	getSynonyms() Get the list realms this ProxyTarget will automatically handle as synonyms.
String	getVerifyError() Get a human readable verify error or a statement that the verify succeeded.
boolean	hasLongVendorSpecificTags(int vendorId) Determine if long attribute tags are enabled for this Vendor.
void	setDMCOAPort(int port) Set the DM/COA port.
void	setSynonyms(String[] realmList) Create a list of realms this ProxyTarget will automatically handle.
String	toString() String representation of a ProxyTarget.
boolean	verify() Check this ProxyTarget for the necessities.

Methods inherited from class Object

equals, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

acctPort

public int acctPort

The proxy server accounting port. Because of the confusion in RADIUS server port numbers you may have to support older configurations.

authPort

public int authPort

The proxy server authentication port. Because of the confusion in RADIUS server port numbers you may have to support older configurations.

dmcoaPort

public int dmcoaPort

The proxy server DM /COA packet server port.

secret

public String secret

The proxy server secret.

targetAddr

public InetAddress targetAddr

IP address of the target. This isn't necessarily the IP address of the target name. It depends if the next proxy along the route is the terminal target or a server proxying to the terminal target. It may just be a routing ploy.

targetName

public String targetName

Name of the target. Identifies the target. This is not necessarily match the target address as the IP address of the next server may not be the terminal target.

Constructor Detail

ProxyTarget

public ProxyTarget(String targetName,
                   InetAddress targetAddr,
                   int authPort,
                   int acctPort,
                   int dmcoaPort,
                   String secret)

ProxyTarget constructor to create a proxy.

Parameters:

targetName - Realm name for the proxy server.

targetAddr - IP Address of the proxy server.

authPort - Authentication port of the proxy server.

acctPort - Accounting port of the proxy server.

dmcoaPort - The port for the DM / COA packet response port. Extended packets might include the Disconnect-Message and Change-of-Authorization client or other, future extended RADIUS server ports.

secret - Secret shared with the proxy server.

ProxyTarget

public ProxyTarget(String targetName,
                   InetAddress targetAddr,
                   int authPort,
                   int acctPort,
                   String secret)

ProxyTarget constructor to create a proxy.

Parameters:

targetName - Realm name for the proxy server.

targetAddr - IP Address of the proxy server.

authPort - Authentication port of the proxy server.

acctPort - Accounting port of the proxy server.

secret - Secret shared with the proxy server.

Method Detail

addLongVendorSpecificTags

public void addLongVendorSpecificTags(int vendorId)

Enable the reception of long Vendor-Specific attribute tags for this NAS. The default behavior is the disallow long VSA sub tag lengths.

Parameters:

vendorId - Permit long VSA tags for this Vendor-Id.

Since:

3.41

See Also:

hasLongVendorSpecificTags(int vendorId)

allowCoARequests

public boolean allowCoARequests()

Determine if this PT allows CoA forwarding.

Returns:

True if it does.

Since:

3.40

allowDisconnectRequests

public boolean allowDisconnectRequests()

Determine if this PT allows DM forwarding.

Returns:

True if it does.

Since:

3.40

containsSynonym

public boolean containsSynonym(String realm)

See if this proxy target handles a particular realm

Parameters:

realm - Realm to test.

Returns:

True if the realm is handled by this proxy server.

Since:

3.40

enableCoARequests

public void enableCoARequests(boolean enable)

Enable a Proxy target to send CoA-Requests. From RFC 3576.

Parameters:

enable - Set to true to enable CoA-Requests (Change-of-Authorization).

Since:

3.40

enableDMRequests

public void enableDMRequests(boolean enable)

Enable a Proxy target to send Disconnect-Requests. From RFC 3576.

Parameters:

enable - Set to true to enable Disconnect-Requests.

Since:

3.40

getAcctPort

public final int getAcctPort()

Get the accounting port.

Returns:

the accounting port.

getAddress

public InetAddress getAddress()

Get the Proxy IP address.

Returns:

IP Address.

getAuthPort

public final int getAuthPort()

Get the authentication port.

Returns:

the authentication port.

getDMCOAPort

public final int getDMCOAPort()

Get the DM/COA port.

Returns:

the DM/COA port.

getName

public String getName()

Get the name of the forwarding server.

Returns:

ProxyTarget name.

getNAS

public NAS getNAS()

Get the NAS entry for the ProxyTarget. The NAS entry holds information on the secret and ports the proxy server uses.

Returns:

NAS.

Since:

3.40

getRealm

public String getRealm()

Get the Proxy realm name.

Returns:

Realm name.

getSynonyms

public String[] getSynonyms()

Get the list realms this ProxyTarget will automatically handle as synonyms.

Returns:

the current list.

Since:

3.40

getVerifyError

public String getVerifyError()

Get a human readable verify error or a statement that the verify succeeded.

Returns:

(@link #verify()} error string.

hasLongVendorSpecificTags

public boolean hasLongVendorSpecificTags(int vendorId)

Determine if long attribute tags are enabled for this Vendor.

This is commonly used with the Vendor-Specific class to extract or create long tags in the sub-attributes. For example this might be used in ProxyImpl as:

 public void changeRequest(ProxyInfo prx)
 {
 	AttributeList inList = prx.getRequestAttributeList();
 	...
 	// Get the originating NAS information.
 	ProxyTarget pt = prx.getProxyTargetByRealm(prx.getRealm());
 	// Use the ProxyTarget information to extract the VSA sub-attributes
 	// depending on the vendor id.
 	VendorSpecific vs[] = inList.getVendorSpecific(2000,
 		 pt.hasLongVendorSpecificTags(2000));
 	...
 }
 

Parameters:

vendorId - The vendor Id.

Returns:

True if long tags are enabled for this Vendor

Since:

3.41

setDMCOAPort

public final void setDMCOAPort(int port)

Set the DM/COA port.

Parameters:

port - The DM/COA port.

setSynonyms

public void setSynonyms(String[] realmList)

Create a list of realms this ProxyTarget will automatically handle. The given list will replace the current list. A proxy target iwith an empty string as a synonym will be sent all packets that do no have any realm information. This can be overridden by a ProxyImpl implementation.

Parameters:

realmList - List of realms.

Since:

3.40

toString

public String toString()

String representation of a ProxyTarget.

Returns:

String.

verify

public boolean verify()

Check this ProxyTarget for the necessities. This should be called each time a ProxyTarget is created.

Returns:

True if the ProxyTarget object is acceptable.