Hi I proposed to use TinyRadius but they refused it. they consider it (contamination risk AND the IPR risk )
So they opt to FreeRadius Client. It's a C library, had to be used from a Java application, it would need to be called either via JNI, or simply linked into a small C main program and then spawned from Java as an external process. I'm a beginner in c development [?]. someone can help me to do this?? thanks in advance 2010/8/31 Michael Lecuyer <m...@iterpacis.org> > Sorry, I was looking at the client in the freeradius server source. > > Now I'm looking at the same source you are looking at. > > > On 2010-08-31 4:37 AM, Noura Kossentini wrote: > >> i downloaded freeradius-client-1.1.6 and in radiusclient.c I found this >> copyright >> >> /* >> * Copyright (c) 2004 Maxim Sobolev <sobo...@freebsd.org> >> * All rights reserved. >> * >> * Redistribution and use in source and binary forms, with or without >> * modification, are permitted provided that the following conditions >> * are met: >> * 1. Redistributions of source code must retain the above copyright >> * notice, this list of conditions and the following disclaimer. >> * 2. Redistributions in binary form must reproduce the above copyright >> * notice, this list of conditions and the following disclaimer in the >> * documentation and/or other materials provided with the distribution. >> * >> >> Please send me the link to download free radius client you speak about >> >> In this case (radiusclient is a BSD copyright) can I use JNI?? and how? >> >> thanks >> >> 2010/8/30 Michael Lecuyer <m...@iterpacis.org <mailto:m...@iterpacis.org>> >> >> >> So our production must be supported on all platforms so I think >> that >> using JNI is the good solution. >> >> >> The radius client is not written in a form suitable for JNI. That is >> to say its not modular in the sense most Java programs are. The >> main() function is the only way to call radclient. The radclient >> main() sets all the internal structures up based on the command line >> arguments. >> >> I've just noticed that the FreeRadius radclient.c is released as the >> GNU General Public License which you can't use with your product. >> You might go with tinyradius (LGPL). There are probably other free >> RADIUS clients written in other languages (python, perl). >> >> /* >> * radclient.c General radius packet debug tool. >> * >> * Version: $Id$ >> * >> * This program is free software; you can redistribute it and/or >> modify >> * it under the terms of the GNU General Public License as >> published by >> * the Free Software Foundation; either version 2 of the License, or >> * (at your option) any later version. >> >> >> On 2010-08-30 8:45 AM, Noura Kossentini wrote: >> >> Hi >> >> Thanks for your detailed answer. >> So our production must be supported on all platforms so I think >> that >> using JNI is the good solution. >> Please can you help me on how to use the JNI with freeradius >> client?? >> >> thanks >> >> >> 2010/8/27 Michael Lecuyer <m...@iterpacis.org >> <mailto:m...@iterpacis.org> <mailto:m...@iterpacis.org >> >> <mailto:m...@iterpacis.org>>> >> >> >> The radclient is limited to CHAP, PAP, and Digest >> authentication >> methods. It can send MSCHAP and MSCHAPV2 if you write the >> code to >> build the request (NT-Response & Challenge) and so on (not >> trivial >> to get right). >> >> Otherwise you can direct your attributes to send to the >> Runtime.exec() >> >> Here's some example code for running the radclient: >> >> import java.io.*; >> >> public class RunRadClient >> { >> public static void main(String[] a) >> { >> try { >> RunRadClient t = new RunRadClient(); >> t.go(a); >> } catch (Exception e) { >> e.printStackTrace(); >> } >> } >> >> private void go(String[] a) throws Exception >> { >> >> try { >> //./radclient -c 2 -i 23 -s -x -f /tmp/radattr >> 192.168.1.187 auth axltest >> String path = >> "/usr/src/freeradius/src/main/radclient"; >> >> String[] cmd = { >> path, >> "-c", "1", // Send on packet. >> "-i", "22", // Packet id (change this each time) >> "-s", // Display summary information. >> "192.168.1.187", // Server >> "auth", // Authentication packet. >> "axltest" // Secret >> }; >> >> // Attributes: >> StringBuffer sb = new StringBuffer(); >> sb.append("NAS-IP-Address=192.168.1.187\n"); >> sb.append("NAS-Port =1\n"); >> sb.append("User-Name=michael\n"); >> sb.append("Chap-Password=test\n"); >> >> Process p = Runtime.getRuntime().exec(cmd); >> >> // For our purposes stdin, stdout, and >> stderr are >> reversed in sense because >> // they relate to the exec'd process. >> BufferedReader stderr = new BufferedReader( new >> InputStreamReader(p.getErrorStream())); >> BufferedReader stdout = new BufferedReader( new >> InputStreamReader(p.getInputStream())); >> BufferedWriter stdin = new BufferedWriter( new >> OutputStreamWriter(p.getOutputStream())); >> >> // Build the attributes as a StringBuilder >> and write >> them to stdout. >> stdin.write(sb.toString(), 0, sb.length()); >> stdin.flush(); >> stdin.close(); >> >> p.waitFor(); >> int exitValue = p.exitValue(); >> if (exitValue != 0) >> { >> System.out.println("Error running >> command, >> exit = " + exitValue); >> } >> String line; >> while ((line = stdout.readLine()) != null) >> { >> System.out.println(line); >> } >> } catch (Exception e) { >> System.err.println("Exec failed" + >> e.getMessage()); >> e.printStackTrace(); >> } >> >> } >> } >> >> The result is this, which must be parsed to extract any >> response >> attributes and to get the packet status. >> >> Sending Access-Request of id 100 to 192.168.1.187 port 1812 >> NAS-IP-Address = 192.168.1.187 >> NAS-Port = 1 >> User-Name = "michael" >> CHAP-Password = 0x64234c1d14fde1c04c8590c13b8c9aa181 >> rad_recv: Access-Accept packet from host 192.168.1.187 port >> 1812, >> id=100, length=85 >> Reply-Message = "Howdy." >> Cisco-Attr-0 = 0x683332332d63757272656e63793d555344 >> Cisco-Attr-0 = 0x436973636f2d586d69742d526174653d3939 >> Framed-IP-Address = 192.123.231.123 >> >> Total approved auths: 1 >> Total denied auths: 0 >> Total lost auths: 0 >> >> >> >> >> On 2010-08-27 9:24 AM, Noura Kossentini wrote: >> >> Hi >> >> thanks for quick answer. >> Can you help me on how to use JNI with freeradius client?? >> >> >> 2010/8/27 Michael Lecuyer <m...@iterpacis.org >> <mailto:m...@iterpacis.org> >> <mailto:m...@iterpacis.org <mailto:m...@iterpacis.org>> >> <mailto:m...@iterpacis.org <mailto:m...@iterpacis.org> >> >> <mailto:m...@iterpacis.org <mailto:m...@iterpacis.org>>>> >> >> >> >> You have two methods: JNI (Java native interface) to >> call the >> Freeradius client or purchase a very good Java >> RADIUS Client API >> from AXLRadius.com >> >> >> On 2010-08-27 7:05 AM, Noura Kossentini wrote: >> >> Hi, >> >> In our company it's forbidden to use products >> with GPL >> License. >> So I ca >> not use Jradius client to connect my client >> application to a >> radius server. >> >> Since that FreeRadius is distributed under BSD, >> it's >> allowed to >> me to >> use this library. >> >> My queqtion is can you help me on how can I >> connect and >> authenticate my >> java application to a radius server using >> FreeRadius >> client?? >> >> Thanks in advance >> >> Regards >> Noura >> >> >> >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html >> >> >> >> >> >> >> >> >
<<33D.gif>>
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html