jradius unsupport

jradius unsupport

README.md

@@ -21,7 +21,7 @@
 | 5       | FormBased				   |  中  |
 | 6       | TokenBased(Post/Cookie)	   |  中  |
 | 7       | ExtendApi				   |  低  |
-| 8       | ext						   |  低  |
+| 8       | EXT						   |  低  |
 
 2. 登录支持
 
@@ -30,12 +30,9 @@
 | 1       | 动态验证码   	| 
 | 2       | 双因素认证   	| 
 | 3       | Google Authenticator   	|
-| 4       | 微信/QQ  		| 
-| 5       | 微博			|  
-| 6       | 钉钉			|
-| 7       | Google			| 
-| 8       | Facebook	    | 
-| 9       | 其他社交账号	| 
+| 4       | Kerberos/Spengo/AD域|
+| 5       | 社交账号 微信/QQ/微博/钉钉/Google/Facebook/其他  | 
+
 
 3. 提供标准的认证接口以便于其他应用集成SSO，安全的移动接入，安全的API、第三方认证和互联网认证的整合。
 

build.gradle

@@ -256,10 +256,6 @@ subprojects {
          compile group: 'org.hibernate.validator', name: 'hibernate-validator', version: "${hibernateVersion}"
          compile group: 'org.hibernate', name: 'hibernate-validator-cdi', version: "${hibernateVersion}"
          compile group: 'org.hibernate.validator', name: 'hibernate-validator-annotation-processor', version: "${hibernateVersion}"
-        
-         //jradius
-         compile group: 'net.jradius', name: 'jradius-core', version: '1.1.5'
-         compile group: 'net.jradius', name: 'jradius-dictionary', version: '1.1.5'
          
          compile group: 'joda-time', name: 'joda-time', version: '2.10'
          compile group: 'org.yaml', name: 'snakeyaml', version: '1.24'

maxkey-authentications/src/main/java/org/maxkey/authn/realm/radius/RadiusProtocol.java

-package org.maxkey.authn.realm.radius;
-
-/**
- * RADIUS protocol enumeration.
- *
- */
-public enum RadiusProtocol {
-    
-    /** The chap. */
-    CHAP("chap"),
-    
-    /** The EA p_ m d5. */
-    EAP_MD5("eap-md5"),
-    
-    /** The EA p_ mscha pv2. */
-    EAP_MSCHAPv2("eap-mschapv2"),
-    
-    /** The eap tls. */
-    EAP_TLS("eap-tls"),
-    
-    /** The eap ttls pap. */
-    EAP_TTLS_PAP("eap-ttls:innerProtocol=pap"),
-    
-    /** The EA p_ ttl s_ ea p_ m d5. */
-    EAP_TTLS_EAP_MD5("eap-ttls:innerProtocol=eap-md5"),
-    
-    /** The EA p_ ttl s_ ea p_ mscha pv2. */
-    EAP_TTLS_EAP_MSCHAPv2("eap-ttls:innerProtocol=eap-mschapv2"),
-    
-    /** The MSCHA pv1. */
-    MSCHAPv1("mschapv1"),
-    
-    /** The MSCHA pv2. */
-    MSCHAPv2("mschapv2"),
-    
-    /** The pap. */
-    PAP("pap"),
-    
-    /** The peap. */
-    PEAP("peap");
-
-    /** The name. */
-    private final String name;
-
-    /**
-     * Instantiates a new radius protocol.
-     *
-     * @param name the name
-     */
-    RadiusProtocol(final String name) {
-        this.name = name;
-    }
-
-    /**
-     * Gets the radius protocol name required by {@link net.jradius.client.RadiusClient#getAuthProtocol(String)}.
-     *
-     * @return RADIUS protocol name known to {@link net.jradius.client.RadiusClient}.
-     */
-    public String getName() {
-        return this.name;
-    }
-}

maxkey-authentications/src/main/java/org/maxkey/authn/realm/radius/RadiusServer.java

-
-package org.maxkey.authn.realm.radius;
-
-
-import javax.validation.constraints.Min;
-import javax.validation.constraints.NotNull;
-
-import net.jradius.client.RadiusClient;
-import net.jradius.dictionary.Attr_NASIPAddress;
-import net.jradius.dictionary.Attr_NASIPv6Address;
-import net.jradius.dictionary.Attr_NASIdentifier;
-import net.jradius.dictionary.Attr_NASPort;
-import net.jradius.dictionary.Attr_NASPortId;
-import net.jradius.dictionary.Attr_NASPortType;
-import net.jradius.dictionary.Attr_ReplyMessage;
-import net.jradius.dictionary.Attr_UserName;
-import net.jradius.dictionary.Attr_UserPassword;
-import net.jradius.dictionary.vsa_redback.Attr_NASRealPort;
-import net.jradius.packet.AccessAccept;
-import net.jradius.packet.AccessRequest;
-import net.jradius.packet.RadiusPacket;
-import net.jradius.packet.attribute.AttributeList;
-
-import org.apache.commons.lang.StringUtils;
-import org.maxkey.authn.realm.IAuthenticationServer;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * Implementation of a RadiusServer that utilizes the JRadius packages available
- * at <a href="http://jradius.sf.net">http://jradius.sf.net</a>.
- *
-
- */
-public final class RadiusServer extends RadiusServerBase  implements IAuthenticationServer{
-
-    /** Default retry count, {@value}. */
-    public static final int DEFAULT_RETRY_COUNT = 3;
-
-    /** Logger instance. */
-    private static final Logger _logger = LoggerFactory.getLogger(RadiusServer.class);
-
-    /** RADIUS protocol. */
-    @NotNull
-    private final RadiusProtocol protocol;
-
-    /** Number of times to retry authentication when no response is received. */
-    @Min(0)
-    private int retries = DEFAULT_RETRY_COUNT;
-
-    private String nasIpAddress = null;
-    
-    private String nasIpv6Address = null;
-    
-    private long nasPort = -1;
-    
-    private long nasPortId = -1;
-    
-    private long nasIdentifier = -1;
-    
-    private long nasRealPort = -1;
-    
-    private long nasPortType = -1;
-    
-
-    /**
-     * Instantiates a new server implementation
-     * with the radius protocol and client factory specified. 
-     *
-     * @param protocol the protocol
-     * @param clientFactory the client factory
-     */
-    public RadiusServer(final RadiusProtocol protocol) {
-        this.protocol = protocol;
-    }
-
-
-    public boolean authenticate(final String username, final String password) {
-
-        final AttributeList attributeList = new AttributeList();
-        
-        attributeList.add(new Attr_UserName(username));
-        attributeList.add(new Attr_UserPassword(password));
-
-        if (StringUtils.isNotBlank(this.nasIpAddress)) {
-            attributeList.add(new Attr_NASIPAddress(this.nasIpAddress));
-        }
-        if (StringUtils.isNotBlank(this.nasIpv6Address)) {
-            attributeList.add(new Attr_NASIPv6Address(this.nasIpv6Address));
-        }
-
-        if (this.nasPort != -1) {
-            attributeList.add(new Attr_NASPort(this.nasPort));
-        }
-        if (this.nasPortId != -1) {
-            attributeList.add(new Attr_NASPortId(this.nasPortId));
-        }
-        if (this.nasIdentifier != -1) {
-            attributeList.add(new Attr_NASIdentifier(this.nasIdentifier));
-        }
-        if (this.nasRealPort != -1) {
-            attributeList.add(new Attr_NASRealPort(this.nasRealPort));
-        }
-        if (this.nasPortType != -1) {
-            attributeList.add(new Attr_NASPortType(this.nasPortType));
-        }
-        
-        RadiusClient client = null;
-        try {
-            client = this.newInstance();
-            final AccessRequest request = new AccessRequest(client, attributeList);
-            final RadiusPacket response = client.authenticate(
-                    request,
-                    RadiusClient.getAuthProtocol(this.protocol.getName()),
-                    this.retries);
-
-            _logger.debug("RADIUS response from {}: {}", client.getRemoteInetAddress().getCanonicalHostName(),response.getClass().getName());
-            _logger.debug("Received : \n" + response.toString());
-            _logger.debug("RADIUS Response Identifier : " + response.getIdentifier());
-            _logger.debug("RADIUS Response code : " + response.getCode());
-
-		    _logger.debug("RADIUS Response AttributeList : " + response.getAttributes().getAttributeList());
-		    
-		    
-            if (response instanceof AccessAccept) {
-               // final AccessAccept acceptedResponse = (AccessAccept) response;
-               // _logger.debug("Accepted Response Message: " + acceptedResponse.CODE);
-                String responseMessage = (String) response.getAttributeValue(Attr_ReplyMessage.TYPE);
-   			 
-			    if (responseMessage != null){
-			    	_logger.debug("Accepted Response Message: " + responseMessage);
-			    }
-                return true;
-            }else if(response instanceof net.jradius.packet.AccessReject){
-            	_logger.debug("Access Reject  ." );
-            }else if (response instanceof net.jradius.packet.PasswordReject){
-            	_logger.debug("Password Reject . ");
-            }
-            
-        } catch (final Exception e) {
-            e.printStackTrace();      
-        } finally {
-            if (client != null) {
-                client.close();
-            }
-        }
-        return false;
-    }
-
-    
-    /**
-     * Sets the nas ip address.
-     *
-     * @param nasIpAddress the new nas ip address
-     * @since 4.1
-     */
-    public void setNasIpAddress(final String nasIpAddress) {
-        this.nasIpAddress = nasIpAddress;
-    }
-
-    /**
-     * Sets the nas ipv6 address.
-     *
-     * @param nasIpv6Address the new nas ipv6 address
-     * @since 4.1
-     */
-    public void setNasIpv6Address(final String nasIpv6Address) {
-        this.nasIpv6Address = nasIpv6Address;
-    }
-
-    /**
-     * Sets the nas port.
-     *
-     * @param nasPort the new nas port
-     * @since 4.1
-     */
-    public void setNasPort(final long nasPort) {
-        this.nasPort = nasPort;
-    }
-
-    /**
-     * Sets the nas port id.
-     *
-     * @param nasPortId the new nas port id
-     * @since 4.1
-     */
-    public void setNasPortId(final long nasPortId) {
-        this.nasPortId = nasPortId;
-    }
-
-    /**
-     * Sets the nas identifier.
-     *
-     * @param nasIdentifier the new nas identifier
-     * @since 4.1
-     */
-    public void setNasIdentifier(final long nasIdentifier) {
-        this.nasIdentifier = nasIdentifier;
-    }
-
-    /**
-     * Sets the nas real port.
-     *
-     * @param nasRealPort the new nas real port
-     * @since 4.1
-     */
-    public void setNasRealPort(final long nasRealPort) {
-        this.nasRealPort = nasRealPort;
-    }
-
-    /**
-     * Sets the nas port type.
-     *
-     * @param nasPortType the new nas port type
-     * @since 4.1
-     */
-    public void setNasPortType(final long nasPortType) {
-        this.nasPortType = nasPortType;
-    }
-
-    /**
-     * Sets the retries.
-     *
-     * @param retries the new retries
-     * @since 4.1
-     */
-    public void setRetries(final int retries) {
-        this.retries = retries;
-    }
-   
-}

maxkey-authentications/src/main/java/org/maxkey/authn/realm/radius/RadiusServerAuthenticationRealm.java

-package org.maxkey.authn.realm.radius;
-
-import java.util.List;
-
-import javax.validation.constraints.NotNull;
-import javax.validation.constraints.Size;
-
-import net.jradius.packet.attribute.AttributeFactory;
-
-import org.maxkey.authn.realm.AbstractAuthenticationRealm;
-import org.maxkey.authn.realm.IAuthenticationServer;
-import org.maxkey.domain.UserInfo;
-import org.maxkey.web.WebContext;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.security.authentication.BadCredentialsException;
-
-
-public class RadiusServerAuthenticationRealm extends AbstractAuthenticationRealm{
-	private final static Logger _logger = LoggerFactory.getLogger(RadiusServerAuthenticationRealm.class);
-
-	 /** Load the dictionary implementation. */
-    static {
-        AttributeFactory.loadAttributeDictionary("net.jradius.dictionary.AttributeDictionaryImpl");
-    }
-    
-    /** Array of RADIUS servers to authenticate against. */
-    @NotNull
-    @Size(min=1)
-    private List<IAuthenticationServer> jradiusServers;
-    
-    
-	/**
-	 * @param ldapCluster
-	 */
-	public RadiusServerAuthenticationRealm() {
-
-	}
-
-
-	@Override
-	public boolean passwordMatches(UserInfo userInfo, String password) {
-		 boolean isAuthenticated=false;
-		 for (final IAuthenticationServer radiusServer : this.jradiusServers) {
-            _logger.debug("Attempting to authenticate {} at {}", userInfo.getUsername(), radiusServer);
-            isAuthenticated= radiusServer.authenticate(userInfo.getUsername(), password);
-            if (isAuthenticated ) {
-            	return true;
-            }
-		 }
-		 if(!isAuthenticated){
-			 throw new BadCredentialsException(WebContext.getI18nValue("login.error.password"));
-		 }
-		return false;
-	}
-
-
-	public void setJradiusServers(List<IAuthenticationServer> jradiusServers) {
-		this.jradiusServers = jradiusServers;
-	}
-
-}

maxkey-authentications/src/main/java/org/maxkey/authn/realm/radius/RadiusServerBase.java

-
-package org.maxkey.authn.realm.radius;
-
-import java.io.IOException;
-import java.net.InetAddress;
-import java.net.UnknownHostException;
-
-import javax.validation.constraints.Min;
-import javax.validation.constraints.NotNull;
-
-import net.jradius.client.RadiusClient;
-
-/**
- * Factory for creating RADIUS client instances.
- *
- */
-public class RadiusServerBase {
-
-    /** The port to do accounting on. */
-    @Min(1)
-    private int accountingPort =1813;
-
-    /** The port to do authentication on. */
-    @Min(1)
-    private int authenticationPort = 1812;
-
-    /** Socket timeout in seconds. */
-    @Min(0)
-    private int socketTimeout = 30;
-
-    /** RADIUS server network address. */
-    @NotNull
-    private InetAddress inetAddress;
-
-    /** The shared secret to send to the RADIUS server. */
-    @NotNull
-    private String sharedSecret;
-
-    /**
-     * Sets the RADIUS server accounting port.
-     *
-     * @param port Accounting port number.
-     */
-    public void setAccountingPort(final int port) {
-        this.accountingPort = port;
-    }
-
-    /**
-     * Sets the RADIUS server authentication port.
-     *
-     * @param port Authentication port number.
-     */
-    public void setAuthenticationPort(final int port) {
-        this.authenticationPort = port;
-    }
-
-    /**
-     * Sets the RADIUS server UDP socket timeout.
-     *
-     * @param timeout Timeout in seconds; 0 for no timeout.
-     */
-    public void setSocketTimeout(final int timeout) {
-        this.socketTimeout = timeout;
-    }
-
-    /**
-     * RADIUS server network address.
-     *
-     * @param address Network address as a string.
-     */
-    public void setInetAddress(final String address) {
-        try {
-            this.inetAddress = InetAddress.getByName(address);
-        } catch (final UnknownHostException e) {
-            throw new RuntimeException("Invalid address " + address);
-        }
-    }
-
-    /**
-     * RADIUS server authentication shared secret.
-     *
-     * @param secret Shared secret.
-     */
-    public void setSharedSecret(final String secret) {
-        this.sharedSecret = secret;
-    }
-
-    /**
-     * Creates a new RADIUS client instance using factory configuration settings.
-     *
-     * @return New radius client instance.
-     * @throws IOException In case the transport method encounters an error.
-     */
-    public RadiusClient newInstance() throws IOException {
-        return new RadiusClient(
-                this.inetAddress, this.sharedSecret, this.authenticationPort, this.accountingPort, this.socketTimeout);
-    }
-}

maxkey-client-sdk/.classpath

@@ -10,6 +10,7 @@
 		<attributes>
 			<attribute name="gradle_scope" value="test"/>
 			<attribute name="gradle_used_by_scope" value="test"/>
+			<attribute name="test" value="true"/>
 		</attributes>
 	</classpathentry>
 	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8/"/>

maxkey-core/.classpath

@@ -10,6 +10,7 @@
 		<attributes>
 			<attribute name="gradle_scope" value="test"/>
 			<attribute name="gradle_used_by_scope" value="test"/>
+			<attribute name="test" value="true"/>
 		</attributes>
 	</classpathentry>
 	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8/"/>

maxkey-dao/.classpath

@@ -16,12 +16,14 @@
 		<attributes>
 			<attribute name="gradle_scope" value="test"/>
 			<attribute name="gradle_used_by_scope" value="test"/>
+			<attribute name="test" value="true"/>
 		</attributes>
 	</classpathentry>
 	<classpathentry kind="src" output="bin/test" path="src/test/resources">
 		<attributes>
 			<attribute name="gradle_scope" value="test"/>
 			<attribute name="gradle_used_by_scope" value="test"/>
+			<attribute name="test" value="true"/>
 		</attributes>
 	</classpathentry>
 	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8/"/>

maxkey-protocols/maxkey-protocol-cas/.classpath

@@ -10,6 +10,7 @@
 		<attributes>
 			<attribute name="gradle_scope" value="test"/>
 			<attribute name="gradle_used_by_scope" value="test"/>
+			<attribute name="test" value="true"/>
 		</attributes>
 	</classpathentry>
 	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8/"/>

maxkey-web-manage/.classpath

@@ -14,10 +14,6 @@
 	</classpathentry>
 	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8/"/>
 	<classpathentry kind="con" path="org.eclipse.jst.j2ee.internal.web.container"/>
-	<classpathentry kind="con" path="org.eclipse.buildship.core.gradleclasspathcontainer">
-		<attributes>
-			<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
-		</attributes>
-	</classpathentry>
+	<classpathentry kind="con" path="org.eclipse.buildship.core.gradleclasspathcontainer"/>
 	<classpathentry kind="output" path="bin/default"/>
 </classpath>

maxkey-web-maxkey/.classpath

@@ -16,14 +16,11 @@
 		<attributes>
 			<attribute name="gradle_scope" value="test"/>
 			<attribute name="gradle_used_by_scope" value="test"/>
+			<attribute name="test" value="true"/>
 		</attributes>
 	</classpathentry>
 	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8/"/>
 	<classpathentry kind="con" path="org.eclipse.jst.j2ee.internal.web.container"/>
-	<classpathentry kind="con" path="org.eclipse.buildship.core.gradleclasspathcontainer">
-		<attributes>
-			<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
-		</attributes>
-	</classpathentry>
+	<classpathentry kind="con" path="org.eclipse.buildship.core.gradleclasspathcontainer"/>
 	<classpathentry kind="output" path="bin/default"/>
 </classpath>