Two-time verification based on RSA SecurID. RSA server itself can be used as a RADIUS server, RSA can and other software collections, use other server as RADIUS server.
The general flow of RADIUS validation is as follows:
The main code implemented in Java is implemented as follows (need to import radius-related jar packages, mainly Radiusclient3.jar):
①radius for the first time, the 4 parameters of the radiusclient are the keys for the server Ip,port,radius, and the radius input time-out. Authenticate's username and password are the users that need to be authenticated.
1 radiusclient r = null ; 2 int nresult = 0; r = new radiusclient ("IP" 3 r.setdebug (true ); 4 attributelist alist = new AttributeList (); 5 Alist.addattribute (attribute.nas_port, 1 6 nresult = r.authenticate (username, password, alist);
The ② is judged by the return of the Nresult. The number 3 in the code represents access_reject, the number 0 represents Access_badpacket, the number 11 represents Access_challenge, and the number 2 represents access_accept.
When encountering Access_challenge, there are two cases where a new PIN is required (the case of the new PIN is relatively complex) and the next token is required. In addition, this attribute.state attribute is always inherited to differentiate
Is the validation that we need (like code 25, 26 lines, take state to the next validation, to verify recognition).
1 Switch(nresult) {2 Case3:3 Try{ 4AttributeList response =r.getattributes ();5AttributeList State =response.getattributelist (attribute.state);6 }7 Catch(Exception e) {8 9 }Ten One Break; A Case0: - - Break; the CaseOne : -AttributeList response =r.getattributes (); -AttributeList State =response.getattributelist (attribute.state); - R.reset (); +System.out.println (":"); -Scanner SA =NewScanner (system.in); +String SL =Sa.next (); AString Mima = sl + ""; atAttributeList attlist =Newattributelist (); -Attlist.addattribute (Attribute.nas_port, 1); - attlist.mergeattributes (state); -Nresult =r.authenticate (username, Mima, attlist); - System.out.println (R.getpackettype ()); -System.out.println ("r.geterrorstring ():" +r.geterrorstring ()); inSystem.out.println ("Second nresult:" +nresult); - if(Nresult = =11) { toAttributeList Rresponse =r.getattributes (); +AttributeList sstate =rresponse.getattributelist (attribute.state); - R.reset (); theSystem.out.println ("Re New Pins"); *Scanner SSA =NewScanner (system.in); $String SSL =Ssa.next ();Panax NotoginsengString Renewpin = SSL + ""; - System.out.println (renewpin); theAttributeList aattlist =Newattributelist (); +Aattlist.addattribute (Attribute.nas_port, 1); A aattlist.mergeattributes (sstate); theNresult =r.authenticate (username, renewpin, aattlist); + System.out.println (R.getpackettype ()); -System.out.println ("r.geterrorstring ():" +r.geterrorstring ()); $ $ if(Nresult = =11) { -AttributeList Rrresponse =r.getattributes (); -AttributeList ssstate =rrresponse.getattributelist (attribute.state); the R.reset (); -System.out.println ("Posscode");WuyiScanner Ressa =NewScanner (system.in); theString Ressl =Ressa.next (); -String passcode = Ressl + ""; WuAttributeList reaattlist =Newattributelist (); -Reaattlist.addattribute (Attribute.nas_port, 1); AboutNresult =r.authenticate (username, passcode, reaattlist); $ System.out.println (R.getpackettype ()); -System.out.println ("r.geterrorstring ():" +r.geterrorstring ()); -System.out.println ("Nresult:" +nresult); - if(Nresult = =2) { A return"AUTH SUCCESS"; + } the } - } $ if(Nresult = =2) { the return"AUTH SUCCESS"; the } the Case2: the - return"AUTH SUCCESS"; in default: the the Break; About } the return"AUTH FAILURE";
RSA SecurID-based RADIUS Two-time Verification Java implementation (PAP authentication mode)