RSA SecurID-based RADIUS Two-time Verification Java implementation (PAP authentication mode)

Source: Internet
Author: User
Tags auth rsa securid securid

Two-time verification based on RSA SecurID. RSA server itself can be used as a RADIUS server, RSA can and other software collections, use other server as RADIUS server.

The general flow of RADIUS validation is as follows:

The main code implemented in Java is implemented as follows (need to import radius-related jar packages, mainly Radiusclient3.jar):

①radius for the first time, the 4 parameters of the radiusclient are the keys for the server Ip,port,radius, and the radius input time-out. Authenticate's username and password are the users that need to be authenticated.

 1  radiusclient r = null  ;  2  int  nresult = 0; r = new  radiusclient ("IP"  3  r.setdebug (true  ); 4  attributelist alist = new   AttributeList ();  5  Alist.addattribute (attribute.nas_port, 1 6  nresult = r.authenticate (username, password, alist); 

The ② is judged by the return of the Nresult. The number 3 in the code represents access_reject, the number 0 represents Access_badpacket, the number 11 represents Access_challenge, and the number 2 represents access_accept.

When encountering Access_challenge, there are two cases where a new PIN is required (the case of the new PIN is relatively complex) and the next token is required. In addition, this attribute.state attribute is always inherited to differentiate

Is the validation that we need (like code 25, 26 lines, take state to the next validation, to verify recognition).

1  Switch(nresult) {2                  Case3:3                     Try{ 4AttributeList response =r.getattributes ();5AttributeList State =response.getattributelist (attribute.state);6                     }7                     Catch(Exception e) {8                      9                     }Ten                   One                      Break; A                  Case0: -                   -                      Break; the                  CaseOne : -AttributeList response =r.getattributes (); -AttributeList State =response.getattributelist (attribute.state); - R.reset (); +System.out.println (":"); -Scanner SA =NewScanner (system.in); +String SL =Sa.next (); AString Mima = sl + "";  atAttributeList attlist =Newattributelist (); -Attlist.addattribute (Attribute.nas_port, 1); - attlist.mergeattributes (state); -Nresult =r.authenticate (username, Mima, attlist); - System.out.println (R.getpackettype ()); -System.out.println ("r.geterrorstring ():" +r.geterrorstring ()); inSystem.out.println ("Second nresult:" +nresult); -                     if(Nresult = =11) { toAttributeList Rresponse =r.getattributes (); +AttributeList sstate =rresponse.getattributelist (attribute.state);  - R.reset (); theSystem.out.println ("Re New Pins"); *Scanner SSA =NewScanner (system.in); $String SSL =Ssa.next ();Panax NotoginsengString Renewpin = SSL + ""; - System.out.println (renewpin); theAttributeList aattlist =Newattributelist (); +Aattlist.addattribute (Attribute.nas_port, 1); A aattlist.mergeattributes (sstate); theNresult =r.authenticate (username, renewpin, aattlist); + System.out.println (R.getpackettype ()); -System.out.println ("r.geterrorstring ():" +r.geterrorstring ()); $ $                         if(Nresult = =11) { -AttributeList Rrresponse =r.getattributes (); -AttributeList ssstate =rrresponse.getattributelist (attribute.state); the R.reset (); -System.out.println ("Posscode");WuyiScanner Ressa =NewScanner (system.in); theString Ressl =Ressa.next (); -String passcode = Ressl + ""; WuAttributeList reaattlist =Newattributelist (); -Reaattlist.addattribute (Attribute.nas_port, 1); AboutNresult =r.authenticate (username, passcode, reaattlist); $ System.out.println (R.getpackettype ()); -System.out.println ("r.geterrorstring ():" +r.geterrorstring ()); -System.out.println ("Nresult:" +nresult); -                             if(Nresult = =2) { A                                return"AUTH SUCCESS"; + } the } -                     } $                     if(Nresult = =2) { the                         return"AUTH SUCCESS"; the                     } the                  Case2: the                      -                     return"AUTH SUCCESS"; in                 default: the                      the                      Break; About             } the             return"AUTH FAILURE";

RSA SecurID-based RADIUS Two-time Verification Java implementation (PAP authentication mode)

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.