一、环境搭建
1、环境安装
yum install freeradius freeradius-utils
2、配置用户信息
修改配置文件/etc/raddb/users
增加用户信息如下
test111 Cleartext-Password := “password”
3、服务启动
以debug模式启动命令:radiusd -X
正常启动命令:
systemctl start radiusd
systemctl enable radiusd
4、服务关闭
killall -9 radiusd
5、测试
radtest test111 password localhost 1812 testing123
二、远程访问配置
1、修改配置文件:/etc/raddb/clients.conf
默认配置为本机访问,增加外部网络访问配置如下
client 192.168.0.0/24{
secret = testing123
}
2、测试
修改配置需要重新启动服务,在网段为192.168.0.0/24的机器上面执行命令
radtest test111 password localhost 1812 testing123
三、Jradius客户端的使用
1、环境依赖
<dependency>
<groupId>net.jradius</groupId>
<artifactId>jradius-client</artifactId>
<version>1.1.5</version>
</dependency>
2、代码示例
try {
AttributeFactory.loadAttributeDictionary(“net.jradius.dictionary.AttributeDictionaryImpl”);
InetAddress host = InetAddress.getByName("localhost");
RadiusClient rc = new RadiusClient(host, "teesting123"), 1812, 1813, 1000);
AttributeList attrs = new AttributeList();
attrs.add(new Attr_UserName"testing”));
attrs.add(new Attr_NASPortType(Attr_NASPortType.Wireless80211));
attrs.add(new Attr_NASPort(new Long(1)));
RadiusRequest request = new AccessRequest(rc, attrs);
request.addAttribute(new Attr_UserPassword("password"));
RadiusResponse reply = rc.authenticate((AccessRequest) request, new EAPMD5Authenticator() {
}, 5);
logger.info("Received:\n" + reply.toString());
boolean isAuthenticated = (reply instanceof AccessAccept);
String replyMessage = (String)reply.getAttributeValue(Attr_ReplyMessage.TYPE);
if (replyMessage != null) {
logger.info("Reply Message: " + replyMessage);
}
if (!isAuthenticated){
return false;
}
} catch (Exception e) {
return false;
}
return true;