Prevent simultaneous access Tinyradius

I’m using Tinyradius in a Java EE application, and in this application simultaneous access by the same user cannot be allowed, but Tinyradius itself does not implement such a requirement.

I’ve thought of some ways to prevent this access:

  • If the user successfully authenticates, log this access into a database. When the user logs out, remove this record
  • If the user successfully authenticates, add this user into a List. When the user logs out, remove it from the List

But what if the Radius client doesn’t report, for some reason (disconnection or other problem), that the user has disconnected? In the previous solutions the user would get lost in the List or in the Database and the next authentication would not be allowed.

How can I get around such a situation?

Here is an implementation of RadiusServer:

import java.io.IOException;
import java.net.InetSocketAddress;

import org.tinyradius.packet.AccessRequest;
import org.tinyradius.packet.AccountingRequest;
import org.tinyradius.packet.RadiusPacket;
import org.tinyradius.util.RadiusException;
import org.tinyradius.util.RadiusServer;

public class TestServer {

    public static void main(String[] args)
    throws IOException, Exception {
        RadiusServer server = new RadiusServer() {
            // Shared secret returned for every client (the address check is commented out)
            @Override
            public String getSharedSecret(InetSocketAddress client) {
                //if (client.getAddress().getHostAddress().equals("0.0.0.0"))
                    return "1234";
                //else
                //  return null;
            }

            // Return the stored password for a known user, or null to reject
            @Override
            public String getUserPassword(String userName) {
                System.out.println("Requisitando password... //////////////////////////////////////////////////////////////////////////////////////");
                if (userName.equals("gtragoso"))
                    return "gtragoso";
                else
                    return null;
            }

            // Adds attributes to the Access-Accept packet
            @Override
            public RadiusPacket accessRequestReceived(AccessRequest accessRequest, InetSocketAddress client)
            throws RadiusException {
                System.out.println("Received Access-Request:\n" + accessRequest);
                RadiusPacket packet = super.accessRequestReceived(accessRequest, client);
                // Check for null before reading the packet type
                if (packet != null && packet.getPacketType() == RadiusPacket.ACCESS_ACCEPT) {
                    System.out.println("Definindo banda... ///////////////////////////////////////////////////////////////////////////////////");
                    packet.addAttribute("WISPr-Bandwidth-Max-Down", "256000");
                    packet.addAttribute("WISPr-Bandwidth-Max-Up", "32000");
                    packet.addAttribute("Reply-Message", "Welcome " + accessRequest.getUserName() + "!");
                }
                if (packet == null)
                    System.out.println("Ignore packet.");
                else
                    System.out.println("Answer:\n" + packet);

                return packet;
            }

            // Acknowledge every accounting request without recording it
            @Override
            public RadiusPacket accountingRequestReceived(AccountingRequest accountingRequest, InetSocketAddress client)
            throws RadiusException {
                RadiusPacket answer = new RadiusPacket(RadiusPacket.ACCOUNTING_RESPONSE, accountingRequest.getPacketIdentifier());
                copyProxyState(accountingRequest, answer);
                return answer;
            }
        };

        server.setAuthPort(1645);
        server.setAcctPort(1646);
        server.start(true, true);

        System.out.println("Server started.");

        // Keep the server running for 30 minutes, then shut it down
        Thread.sleep(1000*60*30);
        System.out.println("Stop server");
        server.stop();
    }
}

  • Then you can create a "session" type that removes the user after 'x' minutes without interaction with the system.

  • @Renan believes that this would not work, because after connecting the user no longer communicates with Radius (only to dislodge).

No answers
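
An added example, not part of the original question or of Tinyradius: a per-user session registry whose entries go stale when no accounting update arrives, so a missed Stop does not lock the user out. The `SessionRegistry` class, its method names and the 15-minute TTL are hypothetical, and it assumes the NAS sends Interim-Update accounting packets (for instance because Acct-Interim-Interval was returned in the Access-Accept), which is what keeps a connected user's entry fresh.

```java
import java.time.Duration;
import java.time.Instant;
import java.util.concurrent.ConcurrentHashMap;

/** Hypothetical helper: one active session per user, stale entries expire. */
public class SessionRegistry {
    // RADIUS Acct-Status-Type values (RFC 2866)
    static final int START = 1, STOP = 2, INTERIM_UPDATE = 3;

    private final ConcurrentHashMap<String, Instant> lastSeen = new ConcurrentHashMap<>();
    private final Duration ttl; // assumption: a few multiples of the NAS interim interval

    public SessionRegistry(Duration ttl) { this.ttl = ttl; }

    /** Call from accessRequestReceived before accepting; false means reject. */
    public boolean tryLogin(String user, Instant now) {
        boolean[] granted = {false};
        // compute() is atomic per key, so two racing logins cannot both win
        lastSeen.compute(user, (u, seen) -> {
            if (seen == null || seen.plus(ttl).isBefore(now)) { // free, or stale entry
                granted[0] = true;
                return now;
            }
            return seen; // a live session exists: keep it and deny the new login
        });
        return granted[0];
    }

    /** Call from accountingRequestReceived with the packet's Acct-Status-Type. */
    public void onAccounting(String user, int statusType, Instant now) {
        if (statusType == STOP) lastSeen.remove(user);
        else if (statusType == START || statusType == INTERIM_UPDATE) lastSeen.put(user, now);
    }

    public static void main(String[] args) {
        SessionRegistry reg = new SessionRegistry(Duration.ofMinutes(15));
        Instant t0 = Instant.parse("2024-01-01T10:00:00Z"); // constructed timeline
        System.out.println("first login:        " + reg.tryLogin("gtragoso", t0));
        System.out.println("second, 1 min later: " + reg.tryLogin("gtragoso", t0.plusSeconds(60)));
        reg.onAccounting("gtragoso", INTERIM_UPDATE, t0.plusSeconds(300));
        System.out.println("after interim update: " + reg.tryLogin("gtragoso", t0.plusSeconds(600)));
        // No Stop ever arrives; the entry goes stale 15 minutes after the last update
        System.out.println("after silence > TTL:  " + reg.tryLogin("gtragoso", t0.plusSeconds(1260)));
        reg.onAccounting("gtragoso", STOP, t0.plusSeconds(1300));
        System.out.println("after explicit Stop:  " + reg.tryLogin("gtragoso", t0.plusSeconds(1301)));
    }
}
```

The registry keys on user name only; a deployment that needs to tell an old session's late Stop from the current session would also track Acct-Session-Id.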