... | ... | @@ -5,8 +5,9 @@ A [RADIUS](https://en.wikipedia.org/wiki/RADIUS) authentication server uses a ve |
|
|
* **Access-Accept**
|
|
|
* **Access-Reject**
|
|
|
* **Access-Challenge**
|
|
|
|
|
|
![RADIUS Authentication and Authorization Flow (Wikipedia)](uploads/4301f536421b7338a24c1c445454c5c3/radius-aa.png)
|
|
|
|
|
|
The first tests were done with the **radtest** freeradius client over IP and IPv6.
|
|
|
The first tests were done with the `radtest` freeradius client over IP and IPv6.
|
|
|
|
|
|
As the idp is written in Java, we had to test a Java client; **[TinyRadius, a Java Radius library](http://tinyradius.sourceforge.net/)** provides what is needed for a client to authenticate a user on a radius server. A crude run of the provided **TestClient** Java program and some tcpdump network traces can be found in the [radius-otp.pdf document](uploads/3eb417258a304e9ffb4ca61961aef9bc/radius-otp.pdf). The TinyRadius library doesn't work over IPv6 :-( |
|
|
As the idp is written in Java, we had to test a Java client; [TinyRadius, a Java Radius library](http://tinyradius.sourceforge.net/) provides what is needed for a client to authenticate a user on a radius server. A crude run of the provided `TestClient` Java program and some tcpdump network traces can be found in the [radius-otp.pdf document](uploads/3eb417258a304e9ffb4ca61961aef9bc/radius-otp.pdf). The TinyRadius library doesn't work over IPv6 :-( |