Package org.apache.sshd.server
Interface ServerAuthenticationManager
-
- All Superinterfaces:
KeyPairProviderHolder
,UserAuthFactoriesManager<ServerSession,UserAuth,UserAuthFactory>
- All Known Subinterfaces:
ServerFactoryManager
,ServerSession
- All Known Implementing Classes:
AbstractServerSession
,ServerSessionImpl
,SshServer
public interface ServerAuthenticationManager extends UserAuthFactoriesManager<ServerSession,UserAuth,UserAuthFactory>, KeyPairProviderHolder
Holds providers and helpers related to the server side authentication process- Author:
- Apache MINA SSHD Project
-
-
Field Summary
Fields Modifier and Type Field Description static String
AUTH_METHODS
This key is used when configuring multi-step authentications.static String
AUTO_WELCOME_BANNER_VALUE
Special value that can be set for theWELCOME_BANNER
property indicating that the server should generate a banner consisting of the random art of the server's keys (if any are provided).static WelcomeBannerPhase
DEFAULT_BANNER_PHASE
Default value forWELCOME_BANNER_PHASE
if none specifiedstatic int
DEFAULT_MAX_AUTH_REQUESTS
Default value forMAX_AUTH_REQUESTS
if none configuredstatic UserAuthGSSFactory
DEFAULT_USER_AUTH_GSS_FACTORY
static UserAuthKeyboardInteractiveFactory
DEFAULT_USER_AUTH_KB_INTERACTIVE_FACTORY
static UserAuthPasswordFactory
DEFAULT_USER_AUTH_PASSWORD_FACTORY
static UserAuthPublicKeyFactory
DEFAULT_USER_AUTH_PUBLIC_KEY_FACTORY
static String
DEFAULT_WELCOME_BANNER_LANGUAGE
Default value forWELCOME_BANNER_LANGUAGE
is not overwrittenstatic String
MAX_AUTH_REQUESTS
Key used to retrieve the value in the configuration properties map of the maximum number of failed authentication requests before the server closes the connection.static String
WELCOME_BANNER
Key used to retrieve the value of welcome banner that will be displayed when a user connects to the server.static String
WELCOME_BANNER_CHARSET
The charset to use if the configured welcome banner points to a file - if not specified (either as a string or aCharset
then the local default is used.static String
WELCOME_BANNER_LANGUAGE
Key used to denote the language code for the welcome banner (if such a banner is configured).static String
WELCOME_BANNER_PHASE
TheWelcomeBannerPhase
value - either as an enum or a string
-
Method Summary
All Methods Static Methods Instance Methods Abstract Methods Default Methods Modifier and Type Method Description GSSAuthenticator
getGSSAuthenticator()
Retrieve theGSSAuthenticator
to be used by the SSH server.HostBasedAuthenticator
getHostBasedAuthenticator()
Retrieve theHostBasedAuthenticator
to be used by the SSH server.KeyboardInteractiveAuthenticator
getKeyboardInteractiveAuthenticator()
Retrieve theKeyboardInteractiveAuthenticator
to be used by the SSH server.PasswordAuthenticator
getPasswordAuthenticator()
Retrieve thePasswordAuthenticator
to be used by the SSH server.PublickeyAuthenticator
getPublickeyAuthenticator()
Retrieve thePublickeyAuthenticator
to be used by SSH server.static List<UserAuthFactory>
resolveUserAuthFactories(ServerAuthenticationManager manager)
If user authentication factories already set, then simply returns them.static List<UserAuthFactory>
resolveUserAuthFactories(ServerAuthenticationManager manager, List<UserAuthFactory> userFactories)
If user authentication factories already set, then simply returns them.void
setGSSAuthenticator(GSSAuthenticator gssAuthenticator)
void
setHostBasedAuthenticator(HostBasedAuthenticator hostBasedAuthenticator)
void
setKeyboardInteractiveAuthenticator(KeyboardInteractiveAuthenticator interactiveAuthenticator)
void
setPasswordAuthenticator(PasswordAuthenticator passwordAuthenticator)
void
setPublickeyAuthenticator(PublickeyAuthenticator publickeyAuthenticator)
default void
setUserAuthFactoriesNames(Collection<String> names)
-
Methods inherited from interface org.apache.sshd.common.keyprovider.KeyPairProviderHolder
getKeyPairProvider, setKeyPairProvider
-
Methods inherited from interface org.apache.sshd.common.auth.UserAuthFactoriesManager
getUserAuthFactories, getUserAuthFactoriesNameList, getUserAuthFactoriesNames, setUserAuthFactories, setUserAuthFactoriesNameList, setUserAuthFactoriesNames
-
-
-
-
Field Detail
-
MAX_AUTH_REQUESTS
static final String MAX_AUTH_REQUESTS
Key used to retrieve the value in the configuration properties map of the maximum number of failed authentication requests before the server closes the connection.- See Also:
DEFAULT_MAX_AUTH_REQUESTS
, Constant Field Values
-
DEFAULT_MAX_AUTH_REQUESTS
static final int DEFAULT_MAX_AUTH_REQUESTS
Default value forMAX_AUTH_REQUESTS
if none configured- See Also:
- Constant Field Values
-
WELCOME_BANNER
static final String WELCOME_BANNER
Key used to retrieve the value of welcome banner that will be displayed when a user connects to the server. Ifnull
/empty then no banner will be sent. The value can be one of the following:-
A
File
orPath
, in which case its contents will be transmitted. Note: if the file is empty or does not exits, no banner will be transmitted. -
A
URI
or a string starting with "file:/", in which case it will be converted to aPath
and handled accordingly. -
A string containing a special value indicator - e.g.,
AUTO_WELCOME_BANNER_VALUE
, in which case the relevant banner content will be generated. -
Any other object whose
toString()
value yields a non empty string will be used as the banner contents.
- See Also:
- RFC-4252 section 5.4, Constant Field Values
-
A
-
AUTO_WELCOME_BANNER_VALUE
static final String AUTO_WELCOME_BANNER_VALUE
Special value that can be set for theWELCOME_BANNER
property indicating that the server should generate a banner consisting of the random art of the server's keys (if any are provided). If no server keys are available, then no banner will be sent- See Also:
- Constant Field Values
-
WELCOME_BANNER_LANGUAGE
static final String WELCOME_BANNER_LANGUAGE
Key used to denote the language code for the welcome banner (if such a banner is configured). If not set, thenDEFAULT_WELCOME_BANNER_LANGUAGE
is used- See Also:
- Constant Field Values
-
DEFAULT_WELCOME_BANNER_LANGUAGE
static final String DEFAULT_WELCOME_BANNER_LANGUAGE
Default value forWELCOME_BANNER_LANGUAGE
is not overwritten- See Also:
- Constant Field Values
-
WELCOME_BANNER_PHASE
static final String WELCOME_BANNER_PHASE
TheWelcomeBannerPhase
value - either as an enum or a string- See Also:
- Constant Field Values
-
DEFAULT_BANNER_PHASE
static final WelcomeBannerPhase DEFAULT_BANNER_PHASE
Default value forWELCOME_BANNER_PHASE
if none specified
-
WELCOME_BANNER_CHARSET
static final String WELCOME_BANNER_CHARSET
The charset to use if the configured welcome banner points to a file - if not specified (either as a string or aCharset
then the local default is used.- See Also:
- Constant Field Values
-
AUTH_METHODS
static final String AUTH_METHODS
This key is used when configuring multi-step authentications. The value needs to be a blank separated list of comma separated list of authentication method names. For example, an argument ofpublickey,password publickey,keyboard-interactive
would require the user to complete public key authentication, followed by either password or keyboard interactive authentication. Only methods that are next in one or more lists are offered at each stage, so for this example, it would not be possible to attempt password or keyboard-interactive authentication before public key.- See Also:
- Constant Field Values
-
DEFAULT_USER_AUTH_PUBLIC_KEY_FACTORY
static final UserAuthPublicKeyFactory DEFAULT_USER_AUTH_PUBLIC_KEY_FACTORY
-
DEFAULT_USER_AUTH_GSS_FACTORY
static final UserAuthGSSFactory DEFAULT_USER_AUTH_GSS_FACTORY
-
DEFAULT_USER_AUTH_PASSWORD_FACTORY
static final UserAuthPasswordFactory DEFAULT_USER_AUTH_PASSWORD_FACTORY
-
DEFAULT_USER_AUTH_KB_INTERACTIVE_FACTORY
static final UserAuthKeyboardInteractiveFactory DEFAULT_USER_AUTH_KB_INTERACTIVE_FACTORY
-
-
Method Detail
-
setUserAuthFactoriesNames
default void setUserAuthFactoriesNames(Collection<String> names)
- Specified by:
setUserAuthFactoriesNames
in interfaceUserAuthFactoriesManager<ServerSession,UserAuth,UserAuthFactory>
-
getPublickeyAuthenticator
PublickeyAuthenticator getPublickeyAuthenticator()
Retrieve thePublickeyAuthenticator
to be used by SSH server. If no authenticator has been configured (i.e. this method returnsnull
), then client authentication requests based on keys will be rejected.- Returns:
- the
PublickeyAuthenticator
ornull
-
setPasswordAuthenticator
void setPasswordAuthenticator(PasswordAuthenticator passwordAuthenticator)
-
getPasswordAuthenticator
PasswordAuthenticator getPasswordAuthenticator()
Retrieve thePasswordAuthenticator
to be used by the SSH server. If no authenticator has been configured (i.e. this method returnsnull
), then client authentication requests based on passwords will be rejected.- Returns:
- the
PasswordAuthenticator
ornull
-
setPublickeyAuthenticator
void setPublickeyAuthenticator(PublickeyAuthenticator publickeyAuthenticator)
-
getKeyboardInteractiveAuthenticator
KeyboardInteractiveAuthenticator getKeyboardInteractiveAuthenticator()
Retrieve theKeyboardInteractiveAuthenticator
to be used by the SSH server. If no authenticator has been configured (i.e. this method returnsnull
), then client authentication requests based on this method will be rejected.- Returns:
- The
KeyboardInteractiveAuthenticator
ornull
-
setKeyboardInteractiveAuthenticator
void setKeyboardInteractiveAuthenticator(KeyboardInteractiveAuthenticator interactiveAuthenticator)
-
getGSSAuthenticator
GSSAuthenticator getGSSAuthenticator()
Retrieve theGSSAuthenticator
to be used by the SSH server. If no authenticator has been configured (i.e. this method returnsnull
), then client authentication requests based on gssapi will be rejected.- Returns:
- the
GSSAuthenticator
ornull
-
setGSSAuthenticator
void setGSSAuthenticator(GSSAuthenticator gssAuthenticator)
-
getHostBasedAuthenticator
HostBasedAuthenticator getHostBasedAuthenticator()
Retrieve theHostBasedAuthenticator
to be used by the SSH server. If no authenticator has been configured (i.e. this method returnsnull
), then client authentication requests based on this method will be rejected.- Returns:
- the
HostBasedAuthenticator
ornull
-
setHostBasedAuthenticator
void setHostBasedAuthenticator(HostBasedAuthenticator hostBasedAuthenticator)
-
resolveUserAuthFactories
static List<UserAuthFactory> resolveUserAuthFactories(ServerAuthenticationManager manager)
If user authentication factories already set, then simply returns them. Otherwise, builds the factories list from the individual authenticators available for the manager - password public key, keyboard-interactive, GSS, etc...- Parameters:
manager
- TheServerAuthenticationManager
- ignored ifnull
- Returns:
- The resolved
List
ofNamedFactory
for theUserAuth
s - See Also:
resolveUserAuthFactories(ServerAuthenticationManager, List)
-
resolveUserAuthFactories
static List<UserAuthFactory> resolveUserAuthFactories(ServerAuthenticationManager manager, List<UserAuthFactory> userFactories)
If user authentication factories already set, then simply returns them. Otherwise, builds the factories list from the individual authenticators available for the manager - password public key, keyboard-interactive, GSS, etc...- Parameters:
manager
- TheServerAuthenticationManager
- ignored ifnull
userFactories
- The currently availableUserAuth
factories - if notnull
/empty then they are used as-is.- Returns:
- The resolved
List
ofNamedFactory
for theUserAuth
s
-
-