org.apache.sshd.common.auth

Interface UserAuthMethodFactory<S extends SessionContext,M extends UserAuthInstance<S>>

Type Parameters:

S - The type of SessionContext being provided to the instance creator

M - The authentication method factory type

All Superinterfaces:

NamedResource

All Known Subinterfaces:

UserAuthFactory, UserAuthFactory

All Known Implementing Classes:

AbstractUserAuthFactory, AbstractUserAuthFactory, AbstractUserAuthMethodFactory, UserAuthGSSFactory, UserAuthHostBasedFactory, UserAuthHostBasedFactory, UserAuthKeyboardInteractiveFactory, UserAuthKeyboardInteractiveFactory, UserAuthNoneFactory, UserAuthPasswordFactory, UserAuthPasswordFactory, UserAuthPublicKeyFactory, UserAuthPublicKeyFactory

public interface UserAuthMethodFactory<S extends SessionContext,M extends UserAuthInstance<S>>
extends NamedResource

Represents a user authentication method

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	ALLOW_INSECURE_AUTH If set to true then isSecureAuthenticationTransport(SessionContext) returns true even if transport is insecure.
static java.lang.String	ALLOW_NON_INTEGRITY_AUTH If set to true then isDataIntegrityAuthenticationTransport(SessionContext) returns true even if transport has no MAC(s) to verify message integrity
static boolean	DEFAULT_ALLOW_INSECURE_AUTH
static boolean	DEFAULT_ALLOW_NON_INTEGRITY_AUTH
static java.lang.String	HOST_BASED Host-based authentication method
static java.lang.String	KB_INTERACTIVE Keyboard interactive authentication method
static java.lang.String	PASSWORD Password authentication method name
static java.lang.String	PUBLIC_KEY Public key authentication method name

Fields inherited from interface org.apache.sshd.common.NamedResource

BY_NAME_COMPARATOR, NAME_EXTRACTOR

Method Summary

Modifier and Type	Method and Description
M	createUserAuth(S session)
static <S extends SessionContext,M extends UserAuthInstance<S>> M	createUserAuth(S session, java.util.Collection<? extends UserAuthMethodFactory<S,M>> factories, java.lang.String name)
static boolean	isDataIntegrityAuthenticationTransport(SessionContext session)
static boolean	isSecureAuthenticationTransport(SessionContext session) According to RFC 4252 - section 8:

Methods inherited from interface org.apache.sshd.common.NamedResource

findByName, getName, getNameList, getNames, ofName, removeByName

Field Detail

PASSWORD

static final java.lang.String PASSWORD

Password authentication method name

See Also:

Constant Field Values

PUBLIC_KEY

static final java.lang.String PUBLIC_KEY

Public key authentication method name

See Also:

Constant Field Values

KB_INTERACTIVE

static final java.lang.String KB_INTERACTIVE

Keyboard interactive authentication method

See Also:

Constant Field Values

HOST_BASED

static final java.lang.String HOST_BASED

Host-based authentication method

See Also:

Constant Field Values

ALLOW_INSECURE_AUTH

static final java.lang.String ALLOW_INSECURE_AUTH

If set to true then isSecureAuthenticationTransport(SessionContext) returns true even if transport is insecure.

See Also:

Constant Field Values

DEFAULT_ALLOW_INSECURE_AUTH

static final boolean DEFAULT_ALLOW_INSECURE_AUTH

See Also:

Constant Field Values

ALLOW_NON_INTEGRITY_AUTH

static final java.lang.String ALLOW_NON_INTEGRITY_AUTH

If set to true then isDataIntegrityAuthenticationTransport(SessionContext) returns true even if transport has no MAC(s) to verify message integrity

See Also:

Constant Field Values

DEFAULT_ALLOW_NON_INTEGRITY_AUTH

static final boolean DEFAULT_ALLOW_NON_INTEGRITY_AUTH

See Also:

Constant Field Values

Method Detail

createUserAuth

M createUserAuth(S session)
          throws java.io.IOException

Parameters:

session - The session for which authentication is required

Returns:

The authenticator instance

Throws:

java.io.IOException - If failed to create the instance

createUserAuth

static <S extends SessionContext,M extends UserAuthInstance<S>> M createUserAuth(S session,
                                                                                 java.util.Collection<? extends UserAuthMethodFactory<S,M>> factories,
                                                                                 java.lang.String name)
                                                                          throws java.io.IOException

Type Parameters:

S - The type of SessionContext being provided to the instance creator

M - The authentication method factory type

Parameters:

session - The session through which the request is being made

factories - The available factories

name - The requested factory name

Returns:

The created authenticator instance - null if no matching factory

Throws:

java.io.IOException - If failed to create the instance

isSecureAuthenticationTransport

static boolean isSecureAuthenticationTransport(SessionContext session)

According to RFC 4252 - section 8:

      Both the server and the client should check whether the underlying
      transport layer provides confidentiality (i.e., if encryption is
      being used).  If no confidentiality is provided ("none" cipher),
      password authentication SHOULD be disabled.  If there is no
      confidentiality or no MAC, password change SHOULD be disabled.
 

Parameters:

session - The SessionContext being used for authentication

Returns:

true if the context is not null and the ciphers have been established to anything other than "none".

See Also:

ALLOW_INSECURE_AUTH, SessionContext.isSecureSessionTransport(SessionContext)

isDataIntegrityAuthenticationTransport

static boolean isDataIntegrityAuthenticationTransport(SessionContext session)

Parameters:

session - The SessionContext being used for authentication

Returns:

true if the context is not null and the MAC(s) used to verify packet integrity have been established.

See Also:

ALLOW_NON_INTEGRITY_AUTH, SessionContext.isDataIntegrityTransport(SessionContext)