com.maverick.ssh2
Class AuthenticationProtocol

java.lang.Object
  extended bycom.maverick.ssh2.AuthenticationProtocol

public class AuthenticationProtocol
extends java.lang.Object

Main implementation of the SSH Authentication Protocol. This class is used by AuthenticationClient implementations and exposes a readMessage() method that is used to read authentication method specific messages and sendRequest method to send authenticaiton requests.

.

By using these method's the protocol is also able to detect when authentication has succeeded or failed and when this happens an AuthenticationResult is thrown. The following detailed example shows how to use at the higest level. See the PasswordAuthentication implementation for how to implement such a method.

    try {
     TransportProtocol transport = new TransportProtocol();
     transport.ignoreHostKeyVerification(true);
     transport.startTransportProtocol(new SocketProvider("mars", 10022));

     AuthenticationProtocol authentication = new AuthenticationProtocol(transport);

     authentication.setBannerDisplay(new BannerDisplay() {
      public void displayBanner(String message) {
        System.out.println(message);

        try {
          System.out.println("Press enter to continue..."
                             );
          System.in.read();
        } catch(Exception e) { };
      }
     });

     StringTokenizer tokens = new StringTokenizer(
         authentication.getAuthenticationMethods("lee", "ssh-connection"), ",");

     int count = 1;

     System.out.println("Available authentication methods");

     while(tokens.hasMoreElements()) {
       System.out.println(String.valueOf(count++)
                          + ". "
                          + tokens.nextElement());
     }

     System.out.println("\nAttempting password authentication\n");

     PasswordAuthentication pwd = new PasswordAuthentication();

     int result;

     BufferedReader reader = new BufferedReader(new InputStreamReader(
             System.in));
     do {
       // Get the username and password if we have not already sent it
       if(!pwd.requiresPasswordChange()) {

         System.out.print("Username: ");
         pwd.setUsername(reader.readLine());

         System.out.print("Password: ");
         pwd.setPassword(reader.readLine());
       } else {
         // We have already failed and need to change the password.
         System.out.println("You need to change your password!");
         System.out.print("New Password: ");
         pwd.setNewPassword(reader.readLine());
       }

       result = authentication.authenticate(pwd, "ssh-connection");

     } while(result!=AuthenticationResult.COMPLETE &&
             result!=AuthenticationResult.CANCELLED);

     System.out.println("Authentication "
                        + (result==AuthenticationResult.COMPLETE
                        ? "completed" : "cancelled"));

   } catch(Throwable t) {
     t.printStackTrace();
   }
 

Author:
Lee David Painter

Field Summary
static java.lang.String SERVICE_NAME
          The name of this service "ssh-userauth"
 
Constructor Summary
AuthenticationProtocol(TransportProtocol transport)
          Construct the protocol using the given transport
 
Method Summary
 int authenticate(AuthenticationClient auth, java.lang.String servicename)
          Authenticate using the mechanism provided.
 java.lang.String getAuthenticationMethods(java.lang.String username, java.lang.String servicename)
          Get a list of available authentication methods for the user.
 byte[] getSessionIdentifier()
           
 boolean isAuthenticated()
          Determine whether the protocol has made a sucessfull authentication attempt.
 byte[] readMessage()
          Read a message from the underlying transport layer.
 void sendRequest(java.lang.String username, java.lang.String servicename, java.lang.String methodname, byte[] requestdata)
          Send an authentication request.
 void setBannerDisplay(BannerDisplay display)
          Set a callback interface for banner messages.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

SERVICE_NAME

public static final java.lang.String SERVICE_NAME
The name of this service "ssh-userauth"

See Also:
Constant Field Values
Constructor Detail

AuthenticationProtocol

public AuthenticationProtocol(TransportProtocol transport)
                       throws SshException
Construct the protocol using the given transport

Parameters:
transport -
Throws:
SshException
Method Detail

setBannerDisplay

public void setBannerDisplay(BannerDisplay display)
Set a callback interface for banner messages. It is advisable to pause processing within the callback implementation to allow the user time to read and accept the message.

Parameters:
display -

readMessage

public byte[] readMessage()
                   throws SshException,
                          com.maverick.ssh2.AuthenticationResult
Read a message from the underlying transport layer. This method processes the incoming message to determine whether it is an SSH_MSG_USERAUTH_SUCCESS or SSH_MSG_USERAUTH_FAILURE. If these messages are detected an AuthenticationResult is thrown.

Returns:
the next available message
Throws:
SshException
AuthenticationResult

authenticate

public int authenticate(AuthenticationClient auth,
                        java.lang.String servicename)
                 throws SshException
Authenticate using the mechanism provided.

Parameters:
auth -
servicename -
Returns:
Any of the constants defined in AuthenticationResult
Throws:
SshException

getAuthenticationMethods

public java.lang.String getAuthenticationMethods(java.lang.String username,
                                                 java.lang.String servicename)
                                          throws SshException
Get a list of available authentication methods for the user. It is advisable to call this method after contsructing the protocol instance and setting a BannerDisplay. If the server has a banner message to display it is most likely that the server will send it before completing this list.

Parameters:
username -
servicename -
Returns:
a comma delimited list of authentication methods.
Throws:
SshException

sendRequest

public void sendRequest(java.lang.String username,
                        java.lang.String servicename,
                        java.lang.String methodname,
                        byte[] requestdata)
                 throws SshException
Send an authentication request. This sends an SSH_MSG_USERAUTH_REQUEST message.

Parameters:
username -
servicename -
methodname -
requestdata - the request data as defined by the authentication specification
Throws:
SshException

isAuthenticated

public boolean isAuthenticated()
Determine whether the protocol has made a sucessfull authentication attempt.

Returns:
true if the user is authenticated, otherwise false

getSessionIdentifier

public byte[] getSessionIdentifier()


Copyright © 2003 3SP LTD. All Rights Reserved.