com.maverick.ssh2

Class AuthenticationProtocol

java.lang.Object

com.maverick.ssh2.AuthenticationProtocol

public class AuthenticationProtocol
extends Object

Main implementation of the SSH Authentication Protocol. This class is used by AuthenticationClient implementations and exposes a readMessage() method that is used to read authentication method specific messages and sendRequest method to send authenticaiton requests.

.

By using these method's the protocol is also able to detect when authentication has succeeded or failed and when this happens an AuthenticationResult is thrown. The following detailed example shows how to use at the higest level. See the PasswordAuthentication implementation for how to implement such a method.

    try {
     TransportProtocol transport = new TransportProtocol();
     transport.ignoreHostKeyVerification(true);
     transport.startTransportProtocol(new SocketProvider("mars", 10022));

     AuthenticationProtocol authentication = new AuthenticationProtocol(transport);

     authentication.setBannerDisplay(new BannerDisplay() {
      public void displayBanner(String message) {
        System.out.println(message);

        try {
          System.out.println("Press enter to continue..."
                             );
          System.in.read();
        } catch(Exception e) { };
      }
     });

     StringTokenizer tokens = new StringTokenizer(
         authentication.getAuthenticationMethods("lee", "ssh-connection"), ",");

     int count = 1;

     System.out.println("Available authentication methods");

     while(tokens.hasMoreElements()) {
       System.out.println(String.valueOf(count++)
                          + ". "
                          + tokens.nextElement());
     }

     System.out.println("\nAttempting password authentication\n");

     PasswordAuthentication pwd = new PasswordAuthentication();

     int result;

     BufferedReader reader = new BufferedReader(new InputStreamReader(
             System.in));
     do {
       // Get the username and password if we have not already sent it
       if(!pwd.requiresPasswordChange()) {

         System.out.print("Username: ");
         pwd.setUsername(reader.readLine());

         System.out.print("Password: ");
         pwd.setPassword(reader.readLine());
       } else {
         // We have already failed and need to change the password.
         System.out.println("You need to change your password!");
         System.out.print("New Password: ");
         pwd.setNewPassword(reader.readLine());
       }

       result = authentication.authenticate(pwd, "ssh-connection");

     } while(result!=AuthenticationResult.COMPLETE &&
             result!=AuthenticationResult.CANCELLED);

     System.out.println("Authentication "
                        + (result==AuthenticationResult.COMPLETE
                        ? "completed" : "cancelled"));

   } catch(Throwable t) {
     t.printStackTrace();
   }
 

Author:

Lee David Painter

Field Summary

Fields

Modifier and Type	Field and Description
static String	SERVICE_NAME The name of this service "ssh-userauth"
static int	SSH_MSG_USERAUTH_REQUEST

Constructor Summary

Constructors

Constructor and Description
AuthenticationProtocol(TransportProtocol transport) Construct the protocol using the given transport

Method Summary

Modifier and Type	Method and Description
int	authenticate(AuthenticationClient auth, String servicename) Authenticate using the mechanism provided.
String	getAuthenticationMethods(String username, String servicename) Get a list of available authentication methods for the user.
Ssh2Client	getClient()
String	getHost()
SshKeyExchangeClient	getKeyExchange()
byte[]	getSessionIdentifier()
boolean	isAuthenticated() Determine whether the protocol has made a sucessfull authentication attempt.
byte[]	readMessage() Read a message from the underlying transport layer.
void	sendMessage(byte[] messg)
void	sendRequest(String username, String servicename, String methodname, byte[] requestdata) Send an authentication request.
void	setBannerDisplay(BannerDisplay display) Set a callback interface for banner messages.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

SSH_MSG_USERAUTH_REQUEST

public static final int SSH_MSG_USERAUTH_REQUEST

See Also:

Constant Field Values

SERVICE_NAME

public static final String SERVICE_NAME

The name of this service "ssh-userauth"

See Also:

Constant Field Values

Constructor Detail

AuthenticationProtocol

public AuthenticationProtocol(TransportProtocol transport)
                       throws SshException

Construct the protocol using the given transport

Parameters:

transport -

Throws:

SshException

Method Detail

getKeyExchange

public SshKeyExchangeClient getKeyExchange()

setBannerDisplay

public void setBannerDisplay(BannerDisplay display)

Set a callback interface for banner messages. It is advisable to pause processing within the callback implementation to allow the user time to read and accept the message.

Parameters:

display -

readMessage

public byte[] readMessage()
                   throws SshException,
                          AuthenticationResult

Read a message from the underlying transport layer. This method processes the incoming message to determine whether it is an SSH_MSG_USERAUTH_SUCCESS or SSH_MSG_USERAUTH_FAILURE. If these messages are detected an AuthenticationResult is thrown.

Returns:

the next available message

Throws:

SshException

AuthenticationResult

authenticate

public int authenticate(AuthenticationClient auth,
                        String servicename)
                 throws SshException

Authenticate using the mechanism provided.

Parameters:

auth -

servicename -

Returns:

Any of the constants defined in AuthenticationResult

Throws:

SshException

getAuthenticationMethods

public String getAuthenticationMethods(String username,
                                       String servicename)
                                throws SshException

Get a list of available authentication methods for the user. It is advisable to call this method after contsructing the protocol instance and setting a BannerDisplay. If the server has a banner message to display it is most likely that the server will send it before completing this list.

Parameters:

username -

servicename -

Returns:

a comma delimited list of authentication methods.

Throws:

SshException

sendRequest

public void sendRequest(String username,
                        String servicename,
                        String methodname,
                        byte[] requestdata)
                 throws SshException

Send an authentication request. This sends an SSH_MSG_USERAUTH_REQUEST message.

Parameters:

username -

servicename -

methodname -

requestdata - the request data as defined by the authentication specification

Throws:

SshException

isAuthenticated

public boolean isAuthenticated()

Determine whether the protocol has made a sucessfull authentication attempt.

Returns:

true if the user is authenticated, otherwise false

getSessionIdentifier

public byte[] getSessionIdentifier()

sendMessage

public void sendMessage(byte[] messg)
                 throws SshException

Throws:

SshException

getHost

public String getHost()

getClient

public Ssh2Client getClient()