Hi<br>I proposed to use TinyRadius but they refused it. they consider it (contamination risk AND the IPR risk )<br><br>So they opt to FreeRadius Client. It's a C library, had to be used from a Java application,
it would need to be called either via JNI, or simply linked into a small C main
program and then spawned from Java as an external process. <br><br>I'm a<span id="result_box" class="short_text"><span style="" title=""> beginner</span></span> in c development <img goomoji="33D" style="margin: 0pt 0.2ex; vertical-align: middle;" src="cid:33D@goomoji.gmail">. someone can help me to do this?? <br>
<br>thanks in advance<br><br><br><div class="gmail_quote">2010/8/31 Michael Lecuyer <span dir="ltr"><<a href="mailto:mjl@iterpacis.org">mjl@iterpacis.org</a>></span><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Sorry, I was looking at the client in the freeradius server source.<br>
<br>
Now I'm looking at the same source you are looking at.<div class="im"><br>
<br>
On 2010-08-31 4:37 AM, Noura Kossentini wrote:<br>
</div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div class="im">
i downloaded freeradius-client-1.1.6 and in radiusclient.c I found this<br>
copyright<br>
<br>
/*<br>
* Copyright (c) 2004 Maxim Sobolev <sobomax@FreeBSD.org><br>
* All rights reserved.<br>
*<br>
* Redistribution and use in source and binary forms, with or without<br>
* modification, are permitted provided that the following conditions<br>
* are met:<br>
* 1. Redistributions of source code must retain the above copyright<br>
* notice, this list of conditions and the following disclaimer.<br>
* 2. Redistributions in binary form must reproduce the above copyright<br>
* notice, this list of conditions and the following disclaimer in the<br>
* documentation and/or other materials provided with the distribution.<br>
*<br>
<br>
Please send me the link to download free radius client you speak about<br>
<br>
In this case (radiusclient is a BSD copyright) can I use JNI?? and how?<br>
<br>
thanks<br>
<br></div>
2010/8/30 Michael Lecuyer <<a href="mailto:mjl@iterpacis.org" target="_blank">mjl@iterpacis.org</a> <mailto:<a href="mailto:mjl@iterpacis.org" target="_blank">mjl@iterpacis.org</a>>><div><div></div><div class="h5">
<br>
<br>
So our production must be supported on all platforms so I think that<br>
using JNI is the good solution.<br>
<br>
<br>
The radius client is not written in a form suitable for JNI. That is<br>
to say its not modular in the sense most Java programs are. The<br>
main() function is the only way to call radclient. The radclient<br>
main() sets all the internal structures up based on the command line<br>
arguments.<br>
<br>
I've just noticed that the FreeRadius radclient.c is released as the<br>
GNU General Public License which you can't use with your product.<br>
You might go with tinyradius (LGPL). There are probably other free<br>
RADIUS clients written in other languages (python, perl).<br>
<br>
/*<br>
* radclient.c General radius packet debug tool.<br>
*<br>
* Version: $Id$<br>
*<br>
* This program is free software; you can redistribute it and/or<br>
modify<br>
* it under the terms of the GNU General Public License as<br>
published by<br>
* the Free Software Foundation; either version 2 of the License, or<br>
* (at your option) any later version.<br>
<br>
<br>
On 2010-08-30 8:45 AM, Noura Kossentini wrote:<br>
<br>
Hi<br>
<br>
Thanks for your detailed answer.<br>
So our production must be supported on all platforms so I think that<br>
using JNI is the good solution.<br>
Please can you help me on how to use the JNI with freeradius<br>
client??<br>
<br>
thanks<br>
<br>
<br>
2010/8/27 Michael Lecuyer <<a href="mailto:mjl@iterpacis.org" target="_blank">mjl@iterpacis.org</a><br></div></div>
<mailto:<a href="mailto:mjl@iterpacis.org" target="_blank">mjl@iterpacis.org</a>> <mailto:<a href="mailto:mjl@iterpacis.org" target="_blank">mjl@iterpacis.org</a><div><div></div><div class="h5"><br>
<mailto:<a href="mailto:mjl@iterpacis.org" target="_blank">mjl@iterpacis.org</a>>>><br>
<br>
<br>
The radclient is limited to CHAP, PAP, and Digest authentication<br>
methods. It can send MSCHAP and MSCHAPV2 if you write the<br>
code to<br>
build the request (NT-Response & Challenge) and so on (not<br>
trivial<br>
to get right).<br>
<br>
Otherwise you can direct your attributes to send to the<br>
Runtime.exec()<br>
<br>
Here's some example code for running the radclient:<br>
<br>
import java.io.*;<br>
<br>
public class RunRadClient<br>
{<br>
public static void main(String[] a)<br>
{<br>
try {<br>
RunRadClient t = new RunRadClient();<br>
t.go(a);<br>
} catch (Exception e) {<br>
e.printStackTrace();<br>
}<br>
}<br>
<br>
private void go(String[] a) throws Exception<br>
{<br>
<br>
try {<br>
//./radclient -c 2 -i 23 -s -x -f /tmp/radattr<br>
192.168.1.187 auth axltest<br>
String path =<br>
"/usr/src/freeradius/src/main/radclient";<br>
<br>
String[] cmd = {<br>
path,<br>
"-c", "1", // Send on packet.<br>
"-i", "22", // Packet id (change this each time)<br>
"-s", // Display summary information.<br>
"192.168.1.187", // Server<br>
"auth", // Authentication packet.<br>
"axltest" // Secret<br>
};<br>
<br>
// Attributes:<br>
StringBuffer sb = new StringBuffer();<br>
sb.append("NAS-IP-Address=192.168.1.187\n");<br>
sb.append("NAS-Port =1\n");<br>
sb.append("User-Name=michael\n");<br>
sb.append("Chap-Password=test\n");<br>
<br>
Process p = Runtime.getRuntime().exec(cmd);<br>
<br>
// For our purposes stdin, stdout, and<br>
stderr are<br>
reversed in sense because<br>
// they relate to the exec'd process.<br>
BufferedReader stderr = new BufferedReader( new<br>
InputStreamReader(p.getErrorStream()));<br>
BufferedReader stdout = new BufferedReader( new<br>
InputStreamReader(p.getInputStream()));<br>
BufferedWriter stdin = new BufferedWriter( new<br>
OutputStreamWriter(p.getOutputStream()));<br>
<br>
// Build the attributes as a StringBuilder<br>
and write<br>
them to stdout.<br>
stdin.write(sb.toString(), 0, sb.length());<br>
stdin.flush();<br>
stdin.close();<br>
<br>
p.waitFor();<br>
int exitValue = p.exitValue();<br>
if (exitValue != 0)<br>
{<br>
System.out.println("Error running<br>
command,<br>
exit = " + exitValue);<br>
}<br>
String line;<br>
while ((line = stdout.readLine()) != null)<br>
{<br>
System.out.println(line);<br>
}<br>
} catch (Exception e) {<br>
System.err.println("Exec failed" +<br>
e.getMessage());<br>
e.printStackTrace();<br>
}<br>
<br>
}<br>
}<br>
<br>
The result is this, which must be parsed to extract any response<br>
attributes and to get the packet status.<br>
<br>
Sending Access-Request of id 100 to 192.168.1.187 port 1812<br>
NAS-IP-Address = 192.168.1.187<br>
NAS-Port = 1<br>
User-Name = "michael"<br>
CHAP-Password = 0x64234c1d14fde1c04c8590c13b8c9aa181<br>
rad_recv: Access-Accept packet from host 192.168.1.187 port<br>
1812,<br>
id=100, length=85<br>
Reply-Message = "Howdy."<br>
Cisco-Attr-0 = 0x683332332d63757272656e63793d555344<br>
Cisco-Attr-0 = 0x436973636f2d586d69742d526174653d3939<br>
Framed-IP-Address = 192.123.231.123<br>
<br>
Total approved auths: 1<br>
Total denied auths: 0<br>
Total lost auths: 0<br>
<br>
<br>
<br>
<br>
On 2010-08-27 9:24 AM, Noura Kossentini wrote:<br>
<br>
Hi<br>
<br>
thanks for quick answer.<br>
Can you help me on how to use JNI with freeradius client??<br>
<br>
<br>
2010/8/27 Michael Lecuyer <<a href="mailto:mjl@iterpacis.org" target="_blank">mjl@iterpacis.org</a><br>
<mailto:<a href="mailto:mjl@iterpacis.org" target="_blank">mjl@iterpacis.org</a>><br>
<mailto:<a href="mailto:mjl@iterpacis.org" target="_blank">mjl@iterpacis.org</a> <mailto:<a href="mailto:mjl@iterpacis.org" target="_blank">mjl@iterpacis.org</a>>><br>
<mailto:<a href="mailto:mjl@iterpacis.org" target="_blank">mjl@iterpacis.org</a> <mailto:<a href="mailto:mjl@iterpacis.org" target="_blank">mjl@iterpacis.org</a>><br>
<br></div></div>
<mailto:<a href="mailto:mjl@iterpacis.org" target="_blank">mjl@iterpacis.org</a> <mailto:<a href="mailto:mjl@iterpacis.org" target="_blank">mjl@iterpacis.org</a>>>>><div><div></div><div class="h5">
<br>
<br>
<br>
You have two methods: JNI (Java native interface) to<br>
call the<br>
Freeradius client or purchase a very good Java<br>
RADIUS Client API<br>
from AXLRadius.com<br>
<br>
<br>
On 2010-08-27 7:05 AM, Noura Kossentini wrote:<br>
<br>
Hi,<br>
<br>
In our company it's forbidden to use products<br>
with GPL<br>
License.<br>
So I ca<br>
not use Jradius client to connect my client<br>
application to a<br>
radius server.<br>
<br>
Since that FreeRadius is distributed under BSD, it's<br>
allowed to<br>
me to<br>
use this library.<br>
<br>
My queqtion is can you help me on how can I<br>
connect and<br>
authenticate my<br>
java application to a radius server using FreeRadius<br>
client??<br>
<br>
Thanks in advance<br>
<br>
Regards<br>
Noura<br>
<br>
<br>
<br>
-<br>
List info/subscribe/unsubscribe? See<br>
<a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
</div></div></blockquote>
<br>
</blockquote></div><br>