org.apache.sshd.server.auth.gss
Class UserAuthGSS

java.lang.Object
  extended by org.apache.sshd.server.auth.gss.UserAuthGSS
All Implemented Interfaces:
HandshakingUserAuth, UserAuth

public class UserAuthGSS
extends Object
implements HandshakingUserAuth

Prototype user authentication handling gssapi-with-mic. Implements HandshakingUserAuth because the process involves several steps. Several methods are available for overriding in specific circumstances.


Nested Class Summary
static class UserAuthGSS.Factory
          Factory class.
 
Field Summary
static Oid KRB5_MECH
           
static Oid KRB5_NT_PRINCIPAL
           
 
Constructor Summary
UserAuthGSS()
           
 
Method Summary
 Boolean auth(ServerSession sess, String user, Buffer buff)
          Handle the first authentication step.
 void destroy()
          Free any system resources used by the module.
 String getUserName()
          Get a user name which has been derived from the handshaking process, or the initial name if nothing has been found.
 boolean handles(SshConstants.Message msg)
          Check whether a particular message is handled here.
 Boolean next(ServerSession session, SshConstants.Message msg, Buffer buffer)
          Handle another step in the authentication process.
 void setServiceName(String service)
          Set the service name from the original request.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

KRB5_MECH

public static final Oid KRB5_MECH

KRB5_NT_PRINCIPAL

public static final Oid KRB5_NT_PRINCIPAL
Constructor Detail

UserAuthGSS

public UserAuthGSS()
Method Detail

auth

public Boolean auth(ServerSession sess,
                    String user,
                    Buffer buff)
             throws Exception
Handle the first authentication step.

Specified by:
auth in interface UserAuth
Parameters:
sess - The server session
user - The user name from the request
buff - The request buffer
Returns:
True or false if the authentication succeeded, or null to continue further
Throws:
Exception - If something went wrong

setServiceName

public void setServiceName(String service)
Set the service name from the original request. This may be required for MIC verification later.

Specified by:
setServiceName in interface HandshakingUserAuth
Parameters:
service - The service name

handles

public boolean handles(SshConstants.Message msg)
Check whether a particular message is handled here.

Specified by:
handles in interface HandshakingUserAuth
Parameters:
msg - The message
Returns:
true if the message is handled

next

public Boolean next(ServerSession session,
                    SshConstants.Message msg,
                    Buffer buffer)
             throws Exception
Handle another step in the authentication process.

Specified by:
next in interface HandshakingUserAuth
Parameters:
session - the current ssh session
buffer - the request buffer containing parameters specific to this request
msg - The message type
Returns:
true if the authentication succeeded, false if the authentication is not finished yet
Throws:
Exception - if the authentication fails

getUserName

public String getUserName()
                   throws GSSException
Get a user name which has been derived from the handshaking process, or the initial name if nothing has been found.

Specified by:
getUserName in interface HandshakingUserAuth
Returns:
The user name
Throws:
GSSException

destroy

public void destroy()
Free any system resources used by the module.

Specified by:
destroy in interface HandshakingUserAuth


Copyright © 2008-2012 Apache Software Foundation. All Rights Reserved.