rlm_jradius
JRadius is a Java RADIUS client and server framework. As a client, it
provides a pure Java interface. When ran as a (pure Java) server, JRadius
listens for requests from the rlm_jradius module running in FreeRADIUS. The
module sends JRadius the RADIUS request, reply, and the internal FreeRADIUS
'config_items' attribute list and returns the same after processing.
Configuring rlm_jradius for use with a running JRadius server starts with
the module definition, in jradius.conf, as follows:
jradius {
name = "example" # Name of the JRadius Application
# (known as "Sender" in JRadius)
primary = "127.0.0.1" # Primary JRadius Server
# (using default port of 1814)
secondary = "192.168.1.2:1815" # Secondary JRadius Server (port 1815)
tertiary = "192.168.1.2:1816" # Tertiary JRadius Server
timeout = 1 # JRadius Server Connect Timeout (default 5)
onfail = NOOP # What to do if no JRadius
# Server is found. Options are:
# FAIL (default), OK, REJECT, NOOP
keepalive = yes # Keep connections to JRadius pooled
connections = 8 # Number of pooled JRadius connections
allow_codechange = yes # Allow the changing the RADIUS code/type
allow_idchange = yes # Allow the change of the RADIUS pkt id
}
The 'name' can be used in the JRadius server to define a specific logic
"chain" of handlers. Three JRadius servers can be defined for redundancy -
making it easier to upgrade JRadius and its handlers. It is recommended to
run the FreeRADIUS module in 'keepalive' mode whereby connections to JRadius
are pool, similar to the rlm_sql module.
The jradius.conf configuration file then needs to be included into the
radiusd.conf modules block, for instance:
modules {
...
$INCLUDE ${confdir}/jradius.conf
}
And the 'jradius' module must be added to the appropriate handler blocks,
commonly:
authorize {
...
jradius
}
preacct {
...
jradius
}
accounting {
...
jradius
}
...and so on...
JRadius Quick-start:
Starting JRadius server:
wget http://jradius.net/dist/jradius-current.zip
unzip jradius-current.zip
cd jradius
sh jradius.sh
Running the JRadius Simulator:
sh jRadiusSimulator.sh
Using RadClient:
echo "User-Name = test" > radius.pkt
echo "User-Password = test" >> radius.pkt
sh radclient.sh localhost testing123 radius.pkt
To build a new jradius-dictionary.jar for your specific FreeRADIUS
dictionary, see the ant's build.xml or maven's dictionary/pom.xml in the
source svn.
JRadius does have some Vendor Specific Attributes; see dictionary.jradius
and ensure it is included in your main dictionary file.
For more information, see http://jradius.net/