com.maverick.sshd.auth

Class OpenSshCertificateAuthenticationProvider

java.lang.Object

com.maverick.sshd.auth.OpenSshCertificateAuthenticationProvider

All Implemented Interfaces:

Authenticator, PublicKeyAuthenticationProvider

public class OpenSshCertificateAuthenticationProvider
extends Object
implements PublicKeyAuthenticationProvider

Constructor Summary

Constructors

Constructor and Description
OpenSshCertificateAuthenticationProvider(Collection<SshPublicKey> caPublicKeys)
OpenSshCertificateAuthenticationProvider(SshPublicKey... caPublicKey)

Method Summary

Modifier and Type	Method and Description
void	add(SshPublicKey key, String comment, Connection con)
void	addCAKey(SshPublicKey caKey)
Iterator<SshPublicKeyFile>	getKeys(Connection con)
boolean	isAuthorizedKey(SshPublicKey key, Connection con) Check the supplied public key against the users authorized keys.
void	remove(SshPublicKey key, Connection con)
void	removeKey(SshPublicKey caKey)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OpenSshCertificateAuthenticationProvider

public OpenSshCertificateAuthenticationProvider(SshPublicKey... caPublicKey)

OpenSshCertificateAuthenticationProvider

public OpenSshCertificateAuthenticationProvider(Collection<SshPublicKey> caPublicKeys)

Method Detail

addCAKey

public void addCAKey(SshPublicKey caKey)
              throws SshException

Throws:

SshException

removeKey

public void removeKey(SshPublicKey caKey)

isAuthorizedKey

public boolean isAuthorizedKey(SshPublicKey key,
                               Connection con)
                        throws IOException

Description copied from interface: PublicKeyAuthenticationProvider

Check the supplied public key against the users authorized keys. The actual verification of the key is performed by the server, you only need to return a value to indicate whether the key is authorized or not. You can obtain the username, home directory, group or remote socket address from the com.sshtools.server.PasswordAuthenticationProvider instance.

If your authorized key database is kept on the native file system you can obtain and initialize an instance as follows:

 NativeFileSystemProvider nfs = (NativeFileSystemProvider) authenticationProvider
                .getContext().getFileSystemProvider().newInstance();
 
 nfs.init(sessionid, null, authenticationProvider.getContext());
 

Don't forget to close any file handles and the file system once you've done accessing files.

Specified by:

isAuthorizedKey in interface PublicKeyAuthenticationProvider

Parameters:

key - SshPublicKey

con - connection

Returns:

boolean true if the key is an authorized key, otherwise false

Throws:

IOException

getKeys

public Iterator<SshPublicKeyFile> getKeys(Connection con)
                                   throws PermissionDeniedException,
                                          IOException

Specified by:

getKeys in interface PublicKeyAuthenticationProvider

Throws:

PermissionDeniedException

IOException

remove

public void remove(SshPublicKey key,
                   Connection con)
            throws IOException,
                   PermissionDeniedException,
                   SshException

Specified by:

remove in interface PublicKeyAuthenticationProvider

Throws:

IOException

PermissionDeniedException

SshException

add

public void add(SshPublicKey key,
                String comment,
                Connection con)
         throws IOException,
                PermissionDeniedException,
                SshException

Specified by:

add in interface PublicKeyAuthenticationProvider

Throws:

IOException

PermissionDeniedException

SshException