Testing Radiator Radius via PHP Client

1. Install Apache and PHP with radius module.

reference :
http://freeradius.org/mod_auth_radius/

(XAMPP Package has pre-installed radius module, you can use this for alternative installation)

2. Create a PHP script for the authentication test, use the content below.

<html>
<head><title>RSA Test</title></head>
<body bgcolor=#ffc7 text=#000000>
<?php
$challenge = false;
$loginAccepted = false;
$error = false;

if (isset($_POST['uname'])) {
$radius = radius_auth_open();

if (!radius_add_server($radius,'[IP ADDRESS]',[PORT],'[secret]',60,1)) {
$error = radius_strerror($radius);
} else if (!radius_create_request($radius,RADIUS_ACCESS_REQUEST)) {
$error = radius_strerror($radius);
} else {

radius_put_attr($radius,RADIUS_USER_NAME,$_POST['uname']);
if (isset($_POST['challenge'])) {
radius_put_attr($radius,RADIUS_USER_PASSWORD,$_POST['challenge']);
radius_put_attr($radius, RADIUS_STATE, $_POST['state']);
} else {
radius_put_attr($radius,RADIUS_USER_PASSWORD,$_POST['upw']);
}

$result = radius_send_request($radius);
if ($result == RADIUS_ACCESS_ACCEPT) {
$loginAccepted = true;

} else if ($result == RADIUS_ACCESS_REJECT) {
$loginAccepted = false;

} else if ($result == RADIUS_ACCESS_CHALLENGE) {
// When we get a challenge, return the response as the password
// and return RADIUS_STATE as given

$challenge = true;
$challengePrompt = false;
$challengeState = false;
$challengeStatus = false;

// loop through attributes.
while ($attrArray = radius_get_attr($radius)) {
if (!is_array($attrArray)) break;
if ($attrArray['attr'] == RADIUS_REPLY_MESSAGE) $challengePrompt =
$attrArray['data'];
if ($attrArray['attr'] == RADIUS_STATE) {
$challengeState = false;
$parts = explode('|', $attrArray['data']);
if (sizeof($parts) == 2) {
if (strlen($parts[0]) == 12) {
if (strcmp(substr($parts[0], 0, 8), "SECURID_") == 0) {
$challengeStatus = substr($parts[0], 8);
$challengeState = $attrArray['data'];
}
}
}
}
}
if ($challengePrompt === false) $error = "Error receiving challenge prompt";

} else {
$error = radius_strerror($radius);
}
}
if ($error !== false) {
print "There was an error trying to authenticate.<br>";
print "<i>" . $error . "</i><br>";
print "<hr>";
}
}
?>
<!-- PRESENT THE LOGIN FORM -->
<?
if ($challenge && (strcmp($challengeStatus, "WAIT") != 0)) {
print "<h1>SecurID Challenge</h1>";
} else if ($challenge && (strcmp($challengeStatus, "WAIT") == 0)) {
print "<h1>SecurID Response Accepted</h1>";
print "<h3>" . $challengePrompt . "</h3>";
} else if ($loginAccepted) {
print "<h1>SecurID Login Accepted</h1>";
// header("location: http://www.eyp.ph/hotspot");
} else if (!isset($_POST['uname'])) {
print "<h1>Radiator Radius Web Client</h1>";
} else {
print "<h1>SecurID Login Failure</h1>";
print "<h3>Please try again</h3>";
print "<em>(if after two tries, you're still getting a failure, try just your token code)</em>";
}
?>

<form action=<? print $_SERVER['PHP_SELF']; ?> method=POST>
Username: <input type=text name=uname size=30 value=""><br><br>

<!-- IF WE'RE NOT ANSWERING A CHALLENGE, PRESENT THE REGULAR PROMPT. -->
<!-- WAIT STATE MEANS WE JUST ANSWERED A RESPONSE SUCCESSFULLY. -->
<!-- ALSO SHOW REGULAR PROMPT AFTER ERROR -->
<? if (!$challenge || (strcmp($challengeStatus, "WAIT") == 0) || ($error !== false)) { ?>
Password: <input type=password name=upw size=30 value=""><br>
<? } else { ?>
<hr><? print $challengePrompt; ?><br>
Response: <input type=password name=challenge size=30 value=""><br>
<input type=hidden name=state value="<? print addslashes($challengeState); ?>">
<hr>
<? } ?>
<input type=submit name=submit value="Log In">
</form>
</body>
</html>

3. Find the line below and supply the IP Address, Port, and Secret of the radius server.

if (!radius_add_server($radius,'[IP ADDRESS]',[PORT],'[secret]',60,1)) {

4. Put the file in your apache web folder e.g. "/var/www/html"

5. You can now do the test via web e.g. "http://ipaddress/filename.php or http://server.com/filename.php"

Comments

Post a Comment

Popular posts from this blog

Radiator Radius Installation connecting to ORACLE (CentOS)

1. Download and install the Oracle client connectors. http://www.oracle.com/index.html oracle-instantclient-basic-10.2.0.3-1.i386.rpm oracle-instantclient-devel-10.2.0.3-1.i386.rpm oracle-instantclient-sqlplus-10.2.0.3-1.i386.rpm rpm -Uvh oracle-instantclient-basic-10.2.0.3-1.i386.rpm rpm -Uvh oracle-instantclient-devel-10.2.0.3-1.i386.rpm rpm -Uvh oracle-instantclient-sqlplus-10.2.0.3-1.i386.rpm 2. Set the environment variables. # ORACLE_HOME=/usr/lib/oracle/10.2.0.3/client/lib # export ORACLE_HOME # export LD_LIBRARY_PATH=$ORACLE_HOME # TNS_ADMIN=/usr/lib/oracle/10.2.0.3/client/admin # export TNS_ADMIN # mkdir /usr/lib/oracle/10.2.0.3/client/admin 3. Edit /etc/profiles and insert the lines below. ORACLE_HOME=/usr/lib/oracle/10.2.0.3/client/lib export ORACLE_HOME export LD_LIBRARY_PATH=$ORACLE_HOME TNS_ADMIN=/usr/lib/oracle/10.2.0.3/client/admin export TNS_ADMIN 4. Create a file "tnsnames.ora" and insert the settings below. SERVER1= (DESCRIPTION = (ADDRESS_LIST = (ADDRESS =
Read more

Scraping an Entire Website using LINUX

Web scraping (also called Web harvesting or Web data extraction) is a computer software technique of extracting information from websites. Usually, such software programs simulate human exploration of the Web by either implementing low-level Hypertext Transfer Protocol (HTTP), or embedding certain full-fledged Web browsers, such as the Internet Explorer (IE) and the Mozilla Web browser. Web scraping is closely related to Web indexing, which indexes Web content using a bot and is a universal technique adopted by most search engines. In contrast, Web scraping focuses more on the transformation of unstructured Web content, typically in HTML format, into structured data that can be stored and analyzed in a central local database or spreadsheet. Web scraping is also related to Web automation, which simulates human Web browsing using computer software. Exemplary uses of Web scraping include online price comparison, weather data monitoring, website change detection, Web research, Web content
Read more

How to enable clustering in Openfire Enterprise?

Image
What is clustering? A cluster is when you have several servers hosting the same domain. Before Openfire 3.4.0 it was possible to only have one machine hosting a domain. Even though a single machine can scale to very big numbers (e.g. more than 100K concurrent users) there is still a limit in the number of users you can scale. Moreover, if that machine suffers a problem and the server stops then all users will be affected. When using clustering you avoid those two problems. You will be naturally distributing the load among several machines thus even if one of them goes down the entire service will still continue to respond. The users that were connected to the machine that went down will just reconnect to any of the remaining machines. How do I use clustering in Openfire? Clustering is a commercial feature that is available in the Openfire Enterprise 3.4.0 or later. That means that you need to get Openfire Enterprise to be able to use clustering. If you have an existing Openfire Enterpr
Read more