RSA SecurID-based RADIUS Two-time Verification Java implementation (PAP authentication mode)

Two-time verification based on RSA SecurID. RSA server itself can be used as a RADIUS server, RSA can and other software collections, use other server as RADIUS server.

The general flow of RADIUS validation is as follows:

The main code implemented in Java is implemented as follows (need to import radius-related jar packages, mainly Radiusclient3.jar):

①radius for the first time, the 4 parameters of the radiusclient are the keys for the server Ip,port,radius, and the radius input time-out. Authenticate's username and password are the users that need to be authenticated.

 1  radiusclient r = null  ;  2  int  nresult = 0; r = new  radiusclient ("IP"  3  r.setdebug (true  ); 4  attributelist alist = new   AttributeList ();  5  Alist.addattribute (attribute.nas_port, 1 6  nresult = r.authenticate (username, password, alist); 

The ② is judged by the return of the Nresult. The number 3 in the code represents access_reject, the number 0 represents Access_badpacket, the number 11 represents Access_challenge, and the number 2 represents access_accept.

When encountering Access_challenge, there are two cases where a new PIN is required (the case of the new PIN is relatively complex) and the next token is required. In addition, this attribute.state attribute is always inherited to differentiate

Is the validation that we need (like code 25, 26 lines, take state to the next validation, to verify recognition).

1  Switch(nresult) {2                  Case3:3                     Try{ 4AttributeList response =r.getattributes ();5AttributeList State =response.getattributelist (attribute.state);6                     }7                     Catch(Exception e) {8                      9                     }Ten                   One                      Break; A                  Case0: -                   -                      Break; the                  CaseOne : -AttributeList response =r.getattributes (); -AttributeList State =response.getattributelist (attribute.state); - R.reset (); +System.out.println (":"); -Scanner SA =NewScanner (system.in); +String SL =Sa.next (); AString Mima = sl + "";  atAttributeList attlist =Newattributelist (); -Attlist.addattribute (Attribute.nas_port, 1); - attlist.mergeattributes (state); -Nresult =r.authenticate (username, Mima, attlist); - System.out.println (R.getpackettype ()); -System.out.println ("r.geterrorstring ():" +r.geterrorstring ()); inSystem.out.println ("Second nresult:" +nresult); -                     if(Nresult = =11) { toAttributeList Rresponse =r.getattributes (); +AttributeList sstate =rresponse.getattributelist (attribute.state);  - R.reset (); theSystem.out.println ("Re New Pins"); *Scanner SSA =NewScanner (system.in); $String SSL =Ssa.next ();Panax NotoginsengString Renewpin = SSL + ""; - System.out.println (renewpin); theAttributeList aattlist =Newattributelist (); +Aattlist.addattribute (Attribute.nas_port, 1); A aattlist.mergeattributes (sstate); theNresult =r.authenticate (username, renewpin, aattlist); + System.out.println (R.getpackettype ()); -System.out.println ("r.geterrorstring ():" +r.geterrorstring ()); $ $                      　　 if(Nresult = =11) { -AttributeList Rrresponse =r.getattributes (); -AttributeList ssstate =rrresponse.getattributelist (attribute.state); the R.reset (); -System.out.println ("Posscode");WuyiScanner Ressa =NewScanner (system.in); theString Ressl =Ressa.next (); -String passcode = Ressl + ""; WuAttributeList reaattlist =Newattributelist (); -Reaattlist.addattribute (Attribute.nas_port, 1); AboutNresult =r.authenticate (username, passcode, reaattlist); $ System.out.println (R.getpackettype ()); -System.out.println ("r.geterrorstring ():" +r.geterrorstring ()); -System.out.println ("Nresult:" +nresult); -                      　　　　　　 if(Nresult = =2) { A                         　　　　　　 return"AUTH SUCCESS"; + } the } -                     } $                     if(Nresult = =2) { the                         return"AUTH SUCCESS"; the                     } the                  Case2: the                      -                     return"AUTH SUCCESS"; in                 default: the                      the                      Break; About             } the             return"AUTH FAILURE";

RSA SecurID-based RADIUS Two-time Verification Java implementation (PAP authentication mode)