Exemplo n.º 1
0
 public void setConfiguration(ListenerConfigurationItem cfg) {
   try {
     setConfiguration(cfg, false);
   } catch (Exception e) {
     e.printStackTrace();
     RadiusLog.error("Invalid JRadius configuration.", e);
   }
 }
 public void onRadiusError(SessionExpiredEvent event) {
   JRadiusSession session = event.getSession();
   String error = "Session Expired in Error State";
   RadiusLog.error(session.getSessionKey() + ": " + error);
   JRadiusLogEntry logEntry = session.getLogEntry(event, "0");
   logEntry.setType("error");
   logEntry.addMessage(error);
   session.commitLogEntries(JRadiusServer.RLM_MODULE_FAIL);
 }
Exemplo n.º 3
0
  /** The thread's run method repeatedly calls listen() */
  public void run() {
    while (getActive()) {
      try {
        Thread.yield();
        listen();
      } catch (SocketException e) {
        if (getActive() == false) {
          break;
        } else {
          RadiusLog.error("Socket exception", e);
        }
      } catch (InterruptedException e) {
      } catch (SSLException e) {
        RadiusLog.error("Error occured in TCPListener.", e);
        active = false;
      } catch (Throwable e) {
        RadiusLog.error("Error occured in TCPListener.", e);
      }
    }

    RadiusLog.debug("Listener: " + this.getClass().getName() + " exiting (not active)");
  }
Exemplo n.º 4
0
 private void initialize() {
   try {
     // If we can find the extended JRadius classes, configure
     // the default RadiusSessionKeyProvider and RadiusSessionFactory
     Class c;
     c = Class.forName("net.jradius.session.RadiusSessionKeyProvider");
     providers.put(null, c.newInstance());
     c = Class.forName("net.jradius.session.RadiusSessionFactory");
     factories.put(null, c.newInstance());
   } catch (Exception e) {
     RadiusLog.error(
         "Could not find extended JRadius classes - not running JRadiusSessionManager");
     throw new RuntimeException(e);
   }
 }
Exemplo n.º 5
0
 private synchronized void release(JRadiusSession session) {
   String thisThread = Thread.currentThread().getName();
   String sessionToUnlock = session.getSessionKey();
   String sessionOwner = (String) locks.get(sessionToUnlock);
   if (sessionOwner != null) {
     if (sessionOwner.equals(thisThread)) {
       locks.remove(sessionToUnlock);
       RadiusLog.debug("Release: Thread " + thisThread + " unlocking session " + sessionToUnlock);
     } else {
       RadiusLog.error(
           "Releasing session lock not owned by this thread (owner="
               + sessionOwner
               + ",this="
               + thisThread
               + ")");
     }
   }
   notifyAll();
 }
Exemplo n.º 6
0
  /**
   * Returns a session object. First, a key is generated by the session manager's key provider,
   * based on the JRadiusRequest. If there is a stored session based on the key, this session is
   * returned, otherwise a new session created by the session factory is returned
   *
   * @param request a JRadiusRequest used to retrieve or generate a session with
   * @return Returns a RadiusSession
   * @throws RadiusException
   */
  public JRadiusSession getSession(JRadiusRequest request) throws RadiusException {
    SessionKeyProvider skp = getSessionKeyProvider(request.getSender());
    Serializable key = skp.getAppSessionKey(request);
    JRadiusSession session = null;
    Serializable nkey = null;

    if (key != null) {
      RadiusLog.debug("** Looking for session: " + key);
      session = getSession(request, key);
      if (session == null) {
        RadiusLog.error("Broken JRadius-Session-Id implementation for session: " + key);
        key = null;
      }
    }

    if (key == null) {
      key = skp.getClassKey(request);

      if (key != null) {
        RadiusLog.debug("** Looking for session: " + key);
        session = getSession(request, key);
        if (session == null) {
          RadiusLog.error("Broken Class implementation for session: " + key);
          key = null;
        } else {
          if (session.getJRadiusKey() != null
              && !session.getJRadiusKey().equals(session.getSessionKey())) {
            rehashSession(session, session.getJRadiusKey(), key);
          }
        }
      }
    }

    if (key == null) {
      Serializable keys = skp.getRequestSessionKey(request);

      if (keys == null) {
        return null;
      }

      if (keys instanceof Serializable[]) {
        key = ((Serializable[]) (keys))[0];
        nkey = ((Serializable[]) (keys))[1];
        RadiusLog.debug("Rehashing session with key " + key + " under new key " + nkey);
      } else {
        key = keys;
      }

      RadiusLog.debug("** Looking for session: " + key);
      session = getSession(request, key);

      if (session != null && nkey != null && !nkey.equals(key)) {
        rehashSession(session, key, nkey);
      }
    }

    if (session == null) {
      session = newSession(request, nkey == null ? key : nkey);
    } else {
      session.setNewSession(false);
    }

    session.setTimeStamp(System.currentTimeMillis());
    session.setLastRadiusRequest(request);

    return session;
  }
Exemplo n.º 7
0
  /**
   * Get a supported RadiusAuthenticator based on the protocol name. If no protocol with that name
   * is supported, null is returned. If the authenticator class for the named protocol has writable
   * bean properties, these can be set by appending a colon separated list of property=value pairs
   * to the protocolName. For instance, the EAP-TLS (and EAP-TTLS since it derives from EAP-TLS)
   * authenticator class has numerous configurable properties (including keyFile, keyFileType,
   * keyPassword, etc).
   *
   * <p>Examples:
   *
   * <ul>
   *   <li>getAuthProtocol("pap") returns PAPAuthenticator
   *   <li>getAuthProtocol("chap") returns CHAPAuthenticator
   *   <li>getAuthProtocol("eap-md5") returns EAPMD5Authenticator
   *   <li>getAuthProtocol("eap-ttls") returns default EALTTLSAuthenticator
   *   <li>getAuthProtocol("eap-tls:keyFile=keystore:keyPassword=mypass") returns
   *       EALTLSAuthenticator with setKeyFile("keystore") and setKeyPassword("mypass")
   *   <li>getAuthProtocol("eap-ttls:trustAll=true") returns EALTTLSAuthenticator with
   *       setTrustAll(true)
   * </ul>
   *
   * Keep in mind that Java 1.5 is required for EAP-TLS/TTLS and only PAP is usable as the inner
   * protocol because of limitations of Java 1.5.
   *
   * <p>
   *
   * @param protocolName The requested authentication protocol
   * @return Returns an instance of RadiusAuthenticator or null
   */
  public static RadiusAuthenticator getAuthProtocol(String protocolName) {
    RadiusAuthenticator auth = null;
    String[] args = null;
    int i;

    if ((i = protocolName.indexOf(':')) > 0) {
      if (i < protocolName.length()) {
        args = protocolName.substring(i + 1).split(":");
      }
      protocolName = protocolName.substring(0, i);
    }

    protocolName = protocolName.toLowerCase();

    Class<?> c = (Class<?>) authenticators.get(protocolName);

    if (c == null) return null;

    try {
      auth = (RadiusAuthenticator) c.newInstance();
    } catch (Exception e) {
      RadiusLog.error("Invalid auth protocol", e);
      return null;
    }

    if (args != null) {
      HashMap<String, PropertyDescriptor> elements = new HashMap<String, PropertyDescriptor>();
      Class<?> clazz = auth.getClass();
      PropertyDescriptor[] props = null;
      try {
        props = Introspector.getBeanInfo(clazz).getPropertyDescriptors();
      } catch (Exception e) {
        RadiusLog.error("Could not instanciate authenticator " + protocolName, e);
        return auth;
      }
      for (int p = 0; p < props.length; p++) {
        PropertyDescriptor pd = props[p];
        Method m = pd.getWriteMethod();
        if (m != null) {
          elements.put(pd.getName(), pd);
        }
      }
      for (int a = 0; a < args.length; a++) {
        int eq = args[a].indexOf("=");
        if (eq > 0) {
          String name = args[a].substring(0, eq);
          String value = args[a].substring(eq + 1);

          PropertyDescriptor pd = (PropertyDescriptor) elements.get(name);
          Method m = pd.getWriteMethod();

          if (m == null) {
            RadiusLog.error(
                "Authenticator " + protocolName + " does not have a writable attribute " + name);
          } else {
            Object valueObject = value;
            Class<?> cType = pd.getPropertyType();
            if (cType == Boolean.class) {
              valueObject = new Boolean(value);
            } else if (cType == Integer.class) {
              valueObject = new Integer(value);
            }
            try {
              m.invoke(auth, new Object[] {valueObject});
            } catch (Exception e) {
              RadiusLog.error(
                  "Error setting attribute " + name + " for authenticator " + protocolName, e);
            }
          }
        }
      }
    }
    return auth;
  }