/**
* This is an example of handling a very simple Access-Request / Access-Challenge.
* The client sends an Access-Request.
* The server responds with an Access-Challenge containing a State attribute.
* The client should respond to the challenge with different Access-Request containing the State attribute.
* The server responds with an Access-Accept if all is well, otherwise and Access-reject is sent.
*/
public void authenticate(AuthInfo auth) throws AccessRejectException, AccessDropException
{
	// Typically in Java one would use a class to track the state.
	// This state object can keep as much information as you need.
	// The client MUST return the State attribute in it's access-request. This example just tracks it by an Integer.
	// Usually there is more information passed by the State attribute for authentication.
	// Design notes:
	// In the AXL RADIUS Server the State attribute contains a number that refers to your class.
	// The methods getStateObject() and setStateObject() handle State related information automatically.
	// The actual State attribute contains an opaque value used as a reference to your actual state class.
	// The reference is removed under two conditions:
	//   1) you retrieve the state class using getStateObject(), and
	//   2) the client fails to respond in time and the state class is removed from the system.

	// Test to see if a State attribute is present indicating this is a reply to a challenge.
	if (auth.isAccessChallengeResponse())
	{
		// Recover the object that should be returned by the
		// client's response to our challenge.
		Integer st = (Integer) auth.getStateObject();
		if (st == null)
			throw new AccessRejectException("Missing state from challenge response.");

		// Let the client know we liked what we found.
		AttributeList response = new AttributeList();
		response.addAttribute(Attribute.Reply_Message, "You sent the state value " + st);
		auth.setResponseAttributes(response);
		auth.setAccessAccept();

	} else {
		// Otherwise we have the initial access-request.
		// Create a access-challenge with a State attribute.
		Integer st = new Integer(new Random().nextInt());
		auth.setStateObject(st);
		AttributeList response = new AttributeList();
		response.addAttribute(Attribute.Reply_Message, "Sending a challenge ");
		auth.setResponseAttributes(response);
		auth.setAccessChallenge();
	}

}