org.tinyradius.packet
Class RadiusPacket

java.lang.Object
  org.tinyradius.packet.RadiusPacket

Direct Known Subclasses:

AccessRequest, AccountingRequest

public class RadiusPacket
extends java.lang.Object

This class represents a Radius packet. Subclasses provide convenience methods for special packet types.

Field Summary

static int	ACCESS_ACCEPT
static int	ACCESS_CHALLENGE
static int	ACCESS_REJECT
static int	ACCESS_REQUEST Packet type codes.
static int	ACCOUNTING_MESSAGE
static int	ACCOUNTING_REQUEST
static int	ACCOUNTING_RESPONSE
static int	ACCOUNTING_STATUS
static int	COA_ACK
static int	COA_NAK
static int	COA_REQUEST
static int	DISCONNECT_ACK
static int	DISCONNECT_NAK
static int	DISCONNECT_REQUEST
static int	MAX_PACKET_LENGTH Maximum packet length.
static int	PASSWORD_ACCEPT
static int	PASSWORD_REJECT
static int	PASSWORD_REQUEST
static int	RADIUS_HEADER_LENGTH Packet header length.
static int	RESERVED
static int	STATUS_ACCEPT
static int	STATUS_CLIENT
static int	STATUS_REJECT
static int	STATUS_REQUEST
static int	STATUS_SERVER

Constructor Summary

RadiusPacket()
Builds an empty Radius packet.

RadiusPacket(int type)
Builds a Radius packet without attributes.

RadiusPacket(int type, int identifier)
Builds a Radius packet with the given type and identifier and without attributes.

RadiusPacket(int type, int identifier, java.util.List attributes)
Builds a Radius packet with the given type, identifier and attributes.

Method Summary

void	addAttribute(RadiusAttribute attribute) Adds a Radius attribute to this packet.
void	addAttribute(java.lang.String typeName, java.lang.String value) Adds a Radius attribute to this packet.
protected void	checkResponseAuthenticator(java.lang.String sharedSecret, int packetLength, byte[] attributes, byte[] requestAuthenticator) This method checks the authenticator of this Radius packet.
static RadiusPacket	createRadiusPacket(int type) Creates a RadiusPacket object.
protected byte[]	createRequestAuthenticator(java.lang.String sharedSecret) Creates a request authenticator for this packet.
protected byte[]	createResponseAuthenticator(java.lang.String sharedSecret, int packetLength, byte[] attributes, byte[] requestAuthenticator) Creates an authenticator for a Radius response packet.
protected static RadiusPacket	decodePacket(Dictionary dictionary, java.io.InputStream in, java.lang.String sharedSecret, RadiusPacket request) Reads a Radius packet from the given input stream and creates an appropiate RadiusPacket descendant object.
protected void	decodeRequestAttributes(java.lang.String sharedSecret) Can be overriden to decode encoded request attributes such as User-Password.
static RadiusPacket	decodeRequestPacket(Dictionary dictionary, java.io.InputStream in, java.lang.String sharedSecret) Reads a Radius request packet from the given input stream and creates an appropiate RadiusPacket descendant object.
static RadiusPacket	decodeRequestPacket(java.io.InputStream in, java.lang.String sharedSecret) Reads a Radius request packet from the given input stream and creates an appropiate RadiusPacket descendant object.
static RadiusPacket	decodeResponsePacket(Dictionary dictionary, java.io.InputStream in, java.lang.String sharedSecret, RadiusPacket request) Reads a Radius response packet from the given input stream and creates an appropiate RadiusPacket descendant object.
static RadiusPacket	decodeResponsePacket(java.io.InputStream in, java.lang.String sharedSecret, RadiusPacket request) Reads a Radius response packet from the given input stream and creates an appropiate RadiusPacket descendant object.
protected void	encodePacket(java.io.OutputStream out, java.lang.String sharedSecret, RadiusPacket request) Encodes this Radius packet and sends it to the specified output stream.
protected void	encodeRequestAttributes(java.lang.String sharedSecret) This method exists for subclasses to be overridden in order to encode packet attributes like the User-Password attribute.
void	encodeRequestPacket(java.io.OutputStream out, java.lang.String sharedSecret) Encodes this Radius packet and sends it to the specified output stream.
void	encodeResponsePacket(java.io.OutputStream out, java.lang.String sharedSecret, RadiusPacket request) Encodes this Radius response packet and sends it to the specified output stream.
RadiusAttribute	getAttribute(int type) Returns a Radius attribute of the given type which may only occur once in the Radius packet.
RadiusAttribute	getAttribute(int vendorId, int type) Returns a Radius attribute of the given type and vendor ID which may only occur once in the Radius packet.
RadiusAttribute	getAttribute(java.lang.String type) Returns a single Radius attribute of the given type name.
protected byte[]	getAttributeBytes() Encodes the attributes of this Radius packet to a byte array.
java.util.List	getAttributes() Returns a list of all attributes belonging to this Radius packet.
java.util.List	getAttributes(int attributeType) Returns all attributes of this packet of the given type.
java.util.List	getAttributes(int vendorId, int attributeType) Returns all attributes of this packet that have got the given type and belong to the given vendor ID.
java.lang.String	getAttributeValue(java.lang.String type) Returns the value of the Radius attribute of the given type or null if there is no such attribute.
byte[]	getAuthenticator() Returns the authenticator for this Radius packet.
Dictionary	getDictionary() Returns the dictionary this Radius packet uses.
protected java.security.MessageDigest	getMd5Digest() Returns a MD5 digest.
static int	getNextPacketIdentifier() Retrieves the next packet identifier to use and increments the static storage.
int	getPacketIdentifier() Returns the packet identifier for this Radius packet.
int	getPacketType() Returns the type of this Radius packet.
java.lang.String	getPacketTypeName() Returns the type name of this Radius packet.
VendorSpecificAttribute	getVendorAttribute(int vendorId) Deprecated. use getVendorAttributes(int)
java.util.List	getVendorAttributes(int vendorId) Returns the Vendor-Specific attribute(s) for the given vendor ID.
void	removeAttribute(RadiusAttribute attribute) Removes the specified attribute from this packet.
void	removeAttributes(int type) Removes all attributes from this packet which have got the specified type.
void	removeAttributes(int vendorId, int typeCode) Removes all sub-attributes of the given vendor and type.
void	removeLastAttribute(int type) Removes the last occurence of the attribute of the given type from the packet.
void	setAttributes(java.util.List attributes) Sets the list of attributes for this Radius packet.
void	setAuthenticator(byte[] authenticator) Sets the authenticator to be used for this Radius packet.
void	setDictionary(Dictionary dictionary) Sets a custom dictionary to use.
void	setPacketIdentifier(int identifier) Sets the packet identifier for this Radius packet.
void	setPacketType(int type) Sets the type of this Radius packet.
java.lang.String	toString() String representation of this packet, for debugging purposes.
protected byte[]	updateRequestAuthenticator(java.lang.String sharedSecret, int packetLength, byte[] attributes) AccountingRequest overrides this method to create a request authenticator as specified by RFC 2866.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

ACCESS_REQUEST

public static final int ACCESS_REQUEST

Packet type codes.

See Also:

Constant Field Values

ACCESS_ACCEPT

public static final int ACCESS_ACCEPT

See Also:

Constant Field Values

ACCESS_REJECT

public static final int ACCESS_REJECT

See Also:

Constant Field Values

ACCOUNTING_REQUEST

public static final int ACCOUNTING_REQUEST

See Also:

Constant Field Values

ACCOUNTING_RESPONSE

public static final int ACCOUNTING_RESPONSE

See Also:

Constant Field Values

ACCOUNTING_STATUS

public static final int ACCOUNTING_STATUS

See Also:

Constant Field Values

PASSWORD_REQUEST

public static final int PASSWORD_REQUEST

See Also:

Constant Field Values

PASSWORD_ACCEPT

public static final int PASSWORD_ACCEPT

See Also:

Constant Field Values

PASSWORD_REJECT

public static final int PASSWORD_REJECT

See Also:

Constant Field Values

ACCOUNTING_MESSAGE

public static final int ACCOUNTING_MESSAGE

See Also:

Constant Field Values

ACCESS_CHALLENGE

public static final int ACCESS_CHALLENGE

See Also:

Constant Field Values

STATUS_SERVER

public static final int STATUS_SERVER

See Also:

Constant Field Values

STATUS_CLIENT

public static final int STATUS_CLIENT

See Also:

Constant Field Values

DISCONNECT_REQUEST

public static final int DISCONNECT_REQUEST

See Also:

Constant Field Values

DISCONNECT_ACK

public static final int DISCONNECT_ACK

See Also:

Constant Field Values

DISCONNECT_NAK

public static final int DISCONNECT_NAK

See Also:

Constant Field Values

COA_REQUEST

public static final int COA_REQUEST

See Also:

Constant Field Values

COA_ACK

public static final int COA_ACK

See Also:

Constant Field Values

COA_NAK

public static final int COA_NAK

See Also:

Constant Field Values

STATUS_REQUEST

public static final int STATUS_REQUEST

See Also:

Constant Field Values

STATUS_ACCEPT

public static final int STATUS_ACCEPT

See Also:

Constant Field Values

STATUS_REJECT

public static final int STATUS_REJECT

See Also:

Constant Field Values

RESERVED

public static final int RESERVED

See Also:

Constant Field Values

MAX_PACKET_LENGTH

public static final int MAX_PACKET_LENGTH

Maximum packet length.

See Also:

Constant Field Values

RADIUS_HEADER_LENGTH

public static final int RADIUS_HEADER_LENGTH

Packet header length.

See Also:

Constant Field Values

Constructor Detail

RadiusPacket

public RadiusPacket(int type)

Builds a Radius packet without attributes. Retrieves the next packet identifier.

Parameters:

type - packet type

RadiusPacket

public RadiusPacket(int type,
                    int identifier)

Builds a Radius packet with the given type and identifier and without attributes.

Parameters:

type - packet type

identifier - packet identifier

RadiusPacket

public RadiusPacket(int type,
                    int identifier,
                    java.util.List attributes)

Builds a Radius packet with the given type, identifier and attributes.

Parameters:

type - packet type

identifier - packet identifier

attributes - list of RadiusAttribute objects

RadiusPacket

public RadiusPacket()

Builds an empty Radius packet.

Method Detail

getPacketIdentifier

public int getPacketIdentifier()

Returns the packet identifier for this Radius packet.

Returns:

packet identifier

setPacketIdentifier

public void setPacketIdentifier(int identifier)

Sets the packet identifier for this Radius packet.

Parameters:

identifier - packet identifier, 0-255

getPacketType

public int getPacketType()

Returns the type of this Radius packet.

Returns:

packet type

getPacketTypeName

public java.lang.String getPacketTypeName()

Returns the type name of this Radius packet.

Returns:

name

setPacketType

public void setPacketType(int type)

Sets the type of this Radius packet.

Parameters:

type - packet type, 0-255

setAttributes

public void setAttributes(java.util.List attributes)

Sets the list of attributes for this Radius packet.

Parameters:

attributes - list of RadiusAttribute objects

addAttribute

public void addAttribute(RadiusAttribute attribute)

Adds a Radius attribute to this packet. Can also be used to add Vendor-Specific sub-attributes. If a attribute with a vendor code != -1 is passed in, a VendorSpecificAttribute is created for the sub-attribute.

Parameters:

attribute - RadiusAttribute object

addAttribute

public void addAttribute(java.lang.String typeName,
                         java.lang.String value)

Adds a Radius attribute to this packet. Uses AttributeTypes to lookup the type code and converts the value. Can also be used to add sub-attributes.

Parameters:

typeName - name of the attribute, for example "NAS-Ip-Address"

value - value of the attribute, for example "127.0.0.1"

Throws:

java.lang.IllegalArgumentException - if type name is unknown

removeAttribute

public void removeAttribute(RadiusAttribute attribute)

Removes the specified attribute from this packet.

Parameters:

attribute - RadiusAttribute to remove

removeAttributes

public void removeAttributes(int type)

Removes all attributes from this packet which have got the specified type.

Parameters:

type - attribute type to remove

removeLastAttribute

public void removeLastAttribute(int type)

Removes the last occurence of the attribute of the given type from the packet.

Parameters:

type - attribute type code

removeAttributes

public void removeAttributes(int vendorId,
                             int typeCode)

Removes all sub-attributes of the given vendor and type.

Parameters:

vendorId - vendor ID

typeCode - attribute type code

getAttributes

public java.util.List getAttributes(int attributeType)

Returns all attributes of this packet of the given type. Returns an empty list if there are no such attributes.

Parameters:

attributeType - type of attributes to get

Returns:

list of RadiusAttribute objects, does not return null

getAttributes

public java.util.List getAttributes(int vendorId,
                                    int attributeType)

Returns all attributes of this packet that have got the given type and belong to the given vendor ID. Returns an empty list if there are no such attributes.

Parameters:

vendorId - vendor ID

attributeType - attribute type code

Returns:

list of RadiusAttribute objects, never null

getAttributes

public java.util.List getAttributes()

Returns a list of all attributes belonging to this Radius packet.

Returns:

List of RadiusAttribute objects

getAttribute

public RadiusAttribute getAttribute(int type)

Returns a Radius attribute of the given type which may only occur once in the Radius packet.

Parameters:

type - attribute type

Returns:

RadiusAttribute object or null if there is no such attribute

Throws:

java.lang.RuntimeException - if there are multiple occurences of the requested attribute type

getAttribute

public RadiusAttribute getAttribute(int vendorId,
                                    int type)

Returns a Radius attribute of the given type and vendor ID which may only occur once in the Radius packet.

Parameters:

vendorId - vendor ID

type - attribute type

Returns:

RadiusAttribute object or null if there is no such attribute

Throws:

java.lang.RuntimeException - if there are multiple occurences of the requested attribute type

getAttribute

public RadiusAttribute getAttribute(java.lang.String type)

Returns a single Radius attribute of the given type name. Also returns sub-attributes.

Parameters:

type - attribute type name

Returns:

RadiusAttribute object or null if there is no such attribute

Throws:

java.lang.RuntimeException - if the attribute occurs multiple times

getAttributeValue

public java.lang.String getAttributeValue(java.lang.String type)

Returns the value of the Radius attribute of the given type or null if there is no such attribute. Also returns sub-attributes.

Parameters:

type - attribute type name

Returns:

value of the attribute as a string or null if there is no such attribute

Throws:

java.lang.IllegalArgumentException - if the type name is unknown

java.lang.RuntimeException - attribute occurs multiple times

getVendorAttributes

public java.util.List getVendorAttributes(int vendorId)

Returns the Vendor-Specific attribute(s) for the given vendor ID.

Parameters:

vendorId - vendor ID of the attribute(s)

Returns:

List with VendorSpecificAttribute objects, never null

getVendorAttribute

public VendorSpecificAttribute getVendorAttribute(int vendorId)

Deprecated. use getVendorAttributes(int)

Returns the Vendor-Specific attribute for the given vendor ID. If there is more than one Vendor-Specific attribute with the given vendor ID, the first attribute found is returned. If there is no such attribute, null is returned.

Parameters:

vendorId - vendor ID of the attribute

Returns:

the attribute or null if there is no such attribute

See Also:

getVendorAttributes(int)

encodeRequestPacket

public void encodeRequestPacket(java.io.OutputStream out,
                                java.lang.String sharedSecret)
                         throws java.io.IOException

Encodes this Radius packet and sends it to the specified output stream.

Parameters:

out - output stream to use

sharedSecret - shared secret to be used to encode this packet

Throws:

java.io.IOException - communication error

encodeResponsePacket

public void encodeResponsePacket(java.io.OutputStream out,
                                 java.lang.String sharedSecret,
                                 RadiusPacket request)
                          throws java.io.IOException

Encodes this Radius response packet and sends it to the specified output stream.

Parameters:

out - output stream to use

sharedSecret - shared secret to be used to encode this packet

request - Radius request packet

Throws:

java.io.IOException - communication error

decodeRequestPacket

public static RadiusPacket decodeRequestPacket(java.io.InputStream in,
                                               java.lang.String sharedSecret)
                                        throws java.io.IOException,
                                               RadiusException

Reads a Radius request packet from the given input stream and creates an appropiate RadiusPacket descendant object. Reads in all attributes and returns the object. Decodes the encrypted fields and attributes of the packet.

Parameters:

sharedSecret - shared secret to be used to decode this packet

Returns:

new RadiusPacket object

Throws:

java.io.IOException - IO error

RadiusException - malformed packet

decodeResponsePacket

public static RadiusPacket decodeResponsePacket(java.io.InputStream in,
                                                java.lang.String sharedSecret,
                                                RadiusPacket request)
                                         throws java.io.IOException,
                                                RadiusException

Reads a Radius response packet from the given input stream and creates an appropiate RadiusPacket descendant object. Reads in all attributes and returns the object. Checks the packet authenticator.

Parameters:

sharedSecret - shared secret to be used to decode this packet

request - Radius request packet

Returns:

new RadiusPacket object

Throws:

java.io.IOException - IO error

RadiusException - malformed packet

decodeRequestPacket

public static RadiusPacket decodeRequestPacket(Dictionary dictionary,
                                               java.io.InputStream in,
                                               java.lang.String sharedSecret)
                                        throws java.io.IOException,
                                               RadiusException

Reads a Radius request packet from the given input stream and creates an appropiate RadiusPacket descendant object. Reads in all attributes and returns the object. Decodes the encrypted fields and attributes of the packet.

Parameters:

dictionary - dictionary to use for attributes

in - InputStream to read packet from

sharedSecret - shared secret to be used to decode this packet

Returns:

new RadiusPacket object

Throws:

java.io.IOException - IO error

RadiusException - malformed packet

decodeResponsePacket

public static RadiusPacket decodeResponsePacket(Dictionary dictionary,
                                                java.io.InputStream in,
                                                java.lang.String sharedSecret,
                                                RadiusPacket request)
                                         throws java.io.IOException,
                                                RadiusException

Reads a Radius response packet from the given input stream and creates an appropiate RadiusPacket descendant object. Reads in all attributes and returns the object. Checks the packet authenticator.

Parameters:

dictionary - dictionary to use for attributes

in - InputStream to read packet from

sharedSecret - shared secret to be used to decode this packet

request - Radius request packet

Returns:

new RadiusPacket object

Throws:

java.io.IOException - IO error

RadiusException - malformed packet

getNextPacketIdentifier

public static int getNextPacketIdentifier()

Retrieves the next packet identifier to use and increments the static storage.

Returns:

the next packet identifier to use

createRadiusPacket

public static RadiusPacket createRadiusPacket(int type)

Creates a RadiusPacket object. Depending on the passed type, the appropiate successor is chosen. Sets the type, but does not touch the packet identifier.

Parameters:

type - packet type

Returns:

RadiusPacket object

toString

public java.lang.String toString()

String representation of this packet, for debugging purposes.

Overrides:

toString in class java.lang.Object

See Also:

Object.toString()

getAuthenticator

public byte[] getAuthenticator()

Returns the authenticator for this Radius packet. For a Radius packet read from a stream, this will return the authenticator sent by the server. For a new Radius packet to be sent, this will return the authenticator created by the method createAuthenticator() and will return null if no authenticator has been created yet.

Returns:

authenticator, 16 bytes

setAuthenticator

public void setAuthenticator(byte[] authenticator)

Sets the authenticator to be used for this Radius packet. This method should seldomly be used. Authenticators are created and managed by this class internally.

Parameters:

authenticator - authenticator

getDictionary

public Dictionary getDictionary()

Returns the dictionary this Radius packet uses.

Returns:

Dictionary instance

setDictionary

public void setDictionary(Dictionary dictionary)

Sets a custom dictionary to use. If no dictionary is set, the default dictionary is used. Also copies the dictionary to the attributes.

Parameters:

dictionary - Dictionary class to use

See Also:

DefaultDictionary

encodePacket

protected void encodePacket(java.io.OutputStream out,
                            java.lang.String sharedSecret,
                            RadiusPacket request)
                     throws java.io.IOException

Encodes this Radius packet and sends it to the specified output stream.

Parameters:

out - output stream to use

sharedSecret - shared secret to be used to encode this packet

request - Radius request packet if this packet to be encoded is a response packet, null if this packet is a request packet

Throws:

java.io.IOException - communication error

java.lang.RuntimeException - if required packet data has not been set

encodeRequestAttributes

protected void encodeRequestAttributes(java.lang.String sharedSecret)

This method exists for subclasses to be overridden in order to encode packet attributes like the User-Password attribute. The method may use getAuthenticator() to get the request authenticator.

Parameters:

sharedSecret -

createRequestAuthenticator

protected byte[] createRequestAuthenticator(java.lang.String sharedSecret)

Creates a request authenticator for this packet. This request authenticator is constructed as described in RFC 2865.

Parameters:

sharedSecret - shared secret that secures the communication with the other Radius server/client

Returns:

request authenticator, 16 bytes

updateRequestAuthenticator

protected byte[] updateRequestAuthenticator(java.lang.String sharedSecret,
                                            int packetLength,
                                            byte[] attributes)

AccountingRequest overrides this method to create a request authenticator as specified by RFC 2866.

Parameters:

sharedSecret - shared secret

packetLength - length of the final Radius packet

attributes - attribute data

Returns:

new request authenticator

createResponseAuthenticator

protected byte[] createResponseAuthenticator(java.lang.String sharedSecret,
                                             int packetLength,
                                             byte[] attributes,
                                             byte[] requestAuthenticator)

Creates an authenticator for a Radius response packet.

Parameters:

sharedSecret - shared secret

packetLength - length of response packet

attributes - encoded attributes of response packet

requestAuthenticator - request packet authenticator

Returns:

new 16 byte response authenticator

decodePacket

protected static RadiusPacket decodePacket(Dictionary dictionary,
                                           java.io.InputStream in,
                                           java.lang.String sharedSecret,
                                           RadiusPacket request)
                                    throws java.io.IOException,
                                           RadiusException

Reads a Radius packet from the given input stream and creates an appropiate RadiusPacket descendant object. Reads in all attributes and returns the object. Decodes the encrypted fields and attributes of the packet.

Parameters:

dictionary - dictionary to use for attributes

sharedSecret - shared secret to be used to decode this packet

request - Radius request packet if this is a response packet to be decoded, null if this is a request packet to be decoded

Returns:

new RadiusPacket object

Throws:

java.io.IOException - if an IO error occurred

RadiusException - if the Radius packet is malformed

decodeRequestAttributes

protected void decodeRequestAttributes(java.lang.String sharedSecret)
                                throws RadiusException

Can be overriden to decode encoded request attributes such as User-Password. This method may use getAuthenticator() to get the request authenticator.

Parameters:

sharedSecret -

Throws:

RadiusException

checkResponseAuthenticator

protected void checkResponseAuthenticator(java.lang.String sharedSecret,
                                          int packetLength,
                                          byte[] attributes,
                                          byte[] requestAuthenticator)
                                   throws RadiusException

This method checks the authenticator of this Radius packet. This method may be overriden to include special attributes in the authenticator check.

Parameters:

sharedSecret - shared secret to be used to encrypt the authenticator

packetLength - length of the response packet

attributes - attribute data of the response packet

requestAuthenticator - 16 bytes authenticator of the request packet belonging to this response packet

Throws:

RadiusException

getMd5Digest

protected java.security.MessageDigest getMd5Digest()

Returns a MD5 digest.

Returns:

MessageDigest object

getAttributeBytes

protected byte[] getAttributeBytes()
                            throws java.io.IOException

Encodes the attributes of this Radius packet to a byte array.

Returns:

byte array with encoded attributes

Throws:

java.io.IOException - error writing data