Class AuthorizedKeysAuthenticator
- java.lang.Object
-
- org.apache.sshd.common.util.logging.AbstractLoggingBean
-
- org.apache.sshd.common.util.io.ModifiableFileWatcher
-
- org.apache.sshd.server.config.keys.AuthorizedKeysAuthenticator
-
- All Implemented Interfaces:
PublickeyAuthenticator
- Direct Known Subclasses:
DefaultAuthorizedKeysAuthenticator
public class AuthorizedKeysAuthenticator extends ModifiableFileWatcher implements PublickeyAuthenticator
Uses the authorized keys file to implementPublickeyAuthenticator
while automatically re-loading the keys if the file has changed when a new authentication request is received. Note: by default, the only validation of the username is that it is notnull
/empty - seeisValidUsername(String, ServerSession)
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description private static class
AuthorizedKeysAuthenticator.LazyDefaultAuthorizedKeysFileHolder
-
Field Summary
Fields Modifier and Type Field Description private java.util.concurrent.atomic.AtomicReference<PublickeyAuthenticator>
delegateHolder
static java.lang.String
STD_AUTHORIZED_KEYS_FILENAME
Standard OpenSSH authorized keys file name-
Fields inherited from class org.apache.sshd.common.util.io.ModifiableFileWatcher
options, STRICTLY_PROHIBITED_FILE_PERMISSION
-
Fields inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean
log
-
-
Constructor Summary
Constructors Constructor Description AuthorizedKeysAuthenticator(java.nio.file.Path file)
AuthorizedKeysAuthenticator(java.nio.file.Path file, java.nio.file.LinkOption... options)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
authenticate(java.lang.String username, java.security.PublicKey key, ServerSession session)
Check the validity of a public key.protected PublickeyAuthenticator
createDelegateAuthenticator(java.lang.String username, ServerSession session, java.nio.file.Path path, java.util.Collection<AuthorizedKeyEntry> entries, PublicKeyEntryResolver fallbackResolver)
static java.nio.file.Path
getDefaultAuthorizedKeysFile()
protected PublicKeyEntryResolver
getFallbackPublicKeyEntryResolver()
protected boolean
isValidUsername(java.lang.String username, ServerSession session)
static java.util.List<AuthorizedKeyEntry>
readDefaultAuthorizedKeys(java.nio.file.OpenOption... options)
Reads read the contents of the default OpenSSHauthorized_keys
fileprotected java.util.Collection<AuthorizedKeyEntry>
reloadAuthorizedKeys(java.nio.file.Path path, java.lang.String username, ServerSession session)
protected PublickeyAuthenticator
resolvePublickeyAuthenticator(java.lang.String username, ServerSession session)
-
Methods inherited from class org.apache.sshd.common.util.io.ModifiableFileWatcher
checkReloadRequired, exists, getPath, lastModified, resetReloadAttributes, size, toPathResource, toPathResource, toString, updateReloadAttributes, validateStrictConfigFilePermissions
-
-
-
-
Field Detail
-
STD_AUTHORIZED_KEYS_FILENAME
public static final java.lang.String STD_AUTHORIZED_KEYS_FILENAME
Standard OpenSSH authorized keys file name- See Also:
- Constant Field Values
-
delegateHolder
private final java.util.concurrent.atomic.AtomicReference<PublickeyAuthenticator> delegateHolder
-
-
Method Detail
-
authenticate
public boolean authenticate(java.lang.String username, java.security.PublicKey key, ServerSession session)
Description copied from interface:PublickeyAuthenticator
Check the validity of a public key.- Specified by:
authenticate
in interfacePublickeyAuthenticator
- Parameters:
username
- the usernamekey
- the keysession
- the server session- Returns:
- a boolean indicating if authentication succeeded or not
-
isValidUsername
protected boolean isValidUsername(java.lang.String username, ServerSession session)
-
resolvePublickeyAuthenticator
protected PublickeyAuthenticator resolvePublickeyAuthenticator(java.lang.String username, ServerSession session) throws java.io.IOException, java.security.GeneralSecurityException
- Throws:
java.io.IOException
java.security.GeneralSecurityException
-
createDelegateAuthenticator
protected PublickeyAuthenticator createDelegateAuthenticator(java.lang.String username, ServerSession session, java.nio.file.Path path, java.util.Collection<AuthorizedKeyEntry> entries, PublicKeyEntryResolver fallbackResolver) throws java.io.IOException, java.security.GeneralSecurityException
- Throws:
java.io.IOException
java.security.GeneralSecurityException
-
getFallbackPublicKeyEntryResolver
protected PublicKeyEntryResolver getFallbackPublicKeyEntryResolver()
-
reloadAuthorizedKeys
protected java.util.Collection<AuthorizedKeyEntry> reloadAuthorizedKeys(java.nio.file.Path path, java.lang.String username, ServerSession session) throws java.io.IOException, java.security.GeneralSecurityException
- Throws:
java.io.IOException
java.security.GeneralSecurityException
-
getDefaultAuthorizedKeysFile
public static java.nio.file.Path getDefaultAuthorizedKeysFile()
- Returns:
- The default
Path
location of the OpenSSH authorized keys file
-
readDefaultAuthorizedKeys
public static java.util.List<AuthorizedKeyEntry> readDefaultAuthorizedKeys(java.nio.file.OpenOption... options) throws java.io.IOException
Reads read the contents of the default OpenSSHauthorized_keys
file- Parameters:
options
- TheOpenOption
s to use when reading the file- Returns:
- A
List
of all theAuthorizedKeyEntry
-ies found there - or empty if file does not exist - Throws:
java.io.IOException
- If failed to read keys from file
-
-