public interface AuthenticationMechanism
Each authentication mechanism the server supports should implement
this interface. When an authentication request is received from the client,
the server looks up the authentication method name, for example "password",
in the com.maverick.sshd.ConfigurationContext. To support a new type
of SSH authentication mechanism, or to override an existing
implementation, add its Class object to the ConfigurationContext. This
can be achieved by adding the following code to your
com.maverick.sshd.SshDaemon implementation of the
com.maverick.sshd.SshDaemon#configure(ConfigurationContext) method.

    protected void configure(ConfigurationContext context) {
        context.supportedAuthenticationMechanisms().add(
            "kerberos@sshtools.com",
            Class.forName("com.sshtools.kerberos.SSHKerberos"));
    }

The SSH protocol recommends that method names are in the name@domain.com syntax.
The server first initializes your authentication object by calling the
init(com.maverick.sshd.TransportProtocol, com.maverick.sshd.AuthenticationProtocol, byte[]) method. You should save the variables provided, as these will
be required to communicate back to the client. Once initialized, the
server starts the transaction by calling the startRequest(java.lang.String, byte[])
method. Here you will be provided with the user's name and the request-specific
data. How you proceed from here depends upon the authentication mechanism; in
the standard password authentication mechanism, the password is provided in the
request data and a native login takes place. If the authentication is
successful, your implementation should call the AuthenticationProtocol.completedAuthentication()
method; if it fails, call AuthenticationProtocol.failedAuthentication()
instead.
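
An added example, not part of the Maverick documentation or API: one way a startRequest implementation could validate password request data before acting on it. It assumes msg holds exactly the method-specific fields defined by RFC 4252 (a boolean followed by a length-prefixed string); the class name, the size limit and the comparison against an expected value (standing in for the native login) are hypothetical.

```java
import java.nio.BufferUnderflowException;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;

/** Hypothetical helper (not a Maverick class) for use inside startRequest. */
public class PasswordRequestCheck {
    static final int MAX_PASSWORD_BYTES = 1024; // assumed local policy limit

    /** Parses RFC 4252 password request data: boolean change flag, then string password. */
    static byte[] parsePassword(byte[] msg) {
        if (msg == null) throw new IllegalArgumentException("no request data");
        ByteBuffer buf = ByteBuffer.wrap(msg); // big-endian by default, as SSH requires
        try {
            if (buf.get() != 0) // TRUE marks a password change request; not handled here
                throw new IllegalArgumentException("password change not supported");
            int len = buf.getInt();
            // Reject negative, oversized or inconsistent lengths before allocating.
            if (len < 0 || len > MAX_PASSWORD_BYTES || len != buf.remaining())
                throw new IllegalArgumentException("bad password length");
            byte[] password = new byte[len];
            buf.get(password);
            return password;
        } catch (BufferUnderflowException e) {
            throw new IllegalArgumentException("truncated request data", e);
        }
    }

    /** Assumption: 'expected' stands in for whatever the native login would check. */
    static boolean verify(byte[] msg, byte[] expected) {
        try {
            // MessageDigest.isEqual compares in constant time for equal-length inputs.
            return MessageDigest.isEqual(parsePassword(msg), expected);
        } catch (IllegalArgumentException e) {
            return false; // malformed client data is an authentication failure
        }
    }

    public static void main(String[] args) {
        byte[] expected = "s3cret".getBytes(StandardCharsets.UTF_8); // constructed sample
        byte[] good = ByteBuffer.allocate(5 + expected.length)
                .put((byte) 0).putInt(expected.length).put(expected).array();
        byte[] lying = {0, 0x7f, (byte) 0xff, (byte) 0xff, (byte) 0xff, 'x'}; // huge length
        System.out.println("well-formed: " + verify(good, expected));
        System.out.println("oversized length: " + verify(lying, expected));
        System.out.println("truncated: " + verify(new byte[] {0, 0}, expected));
    }
}
```

A startRequest implementation would call AuthenticationProtocol.completedAuthentication() when such a check passes and AuthenticationProtocol.failedAuthentication() otherwise, as described above.
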
If your mechanism requires further SSH messages to be sent, send them
using TransportProtocol.sendMessage(SshMessage); messages sent by the
client will be received by your processMessage(byte[]) implementation.

| Method Summary | |
|---|---|
| java.lang.String | getMethod() Return the SSH method name for this authentication. |
| void | init(TransportProtocol transport, AuthenticationProtocol authentication, byte[] sessionid) Initializes the mechanism with variables. |
| boolean | processMessage(byte[] msg) If the SSH protocol authentication method defines additional messages which are sent from the client, they will be passed into your implementation here when received. |
| boolean | startRequest(java.lang.String username, byte[] msg) Start an authentication transaction. |

| Method Detail |
|---|

void init(TransportProtocol transport,
          AuthenticationProtocol authentication,
          byte[] sessionid)
    throws java.io.IOException

Parameters:
transport - the transport protocol
authentication - the authentication protocol
sessionid - the id of the current session.
Throws:
java.io.IOException

boolean startRequest(java.lang.String username,
                     byte[] msg)
    throws java.io.IOException

AuthenticationProtocol
instance that was passed in the initialization process. The request
data varies according to the authentication method.

    if (success)
        authentication.completedAuthentication(method, username, service);
    else
        authentication.failedAuthentication(method);

Parameters:
msg - the request data from the SSH_MSG_USERAUTH_REQUEST message
Throws:
java.io.IOException

boolean processMessage(byte[] msg)
    throws java.io.IOException

Parameters:
msg -
Throws:
java.io.IOException

java.lang.String getMethod()