Package org.apache.sshd.common.session
Interface SessionDisconnectHandler
public interface SessionDisconnectHandler
Invoked when the internal session code decides it should disconnect a session due to some consideration. Usually
allows intervening in the decision and even canceling it.
- Author:
- Apache MINA SSHD Project
-
Method Summary
Modifier and TypeMethodDescriptiondefault boolean
handleAuthCountDisconnectReason
(Session session, Service service, String serviceName, String method, String user, int currentAuthCount, int maxAuthCount) Invoked if the number of authentication attempts exceeded the maximum alloweddefault boolean
handleAuthParamsDisconnectReason
(Session session, Service service, String authUser, String username, String authService, String serviceName) Invoked if the authentication parameters changed in mid-authentication process.default boolean
handleKexDisconnectReason
(Session session, Map<KexProposalOption, String> c2sOptions, Map<KexProposalOption, String> s2cOptions, Map<KexProposalOption, String> negotiatedGuess, KexProposalOption option) Invoked if after KEX negotiation parameters resolved one of the options violates some internal constraint (e.g., cannot negotiate a value, or RFC 8308 - section 2.2).default boolean
handleSessionsCountDisconnectReason
(Session session, Service service, String username, int currentSessionCount, int maxSessionCount) Called to inform that the maximum allowed concurrent sessions threshold has been exceeded.default boolean
handleTimeoutDisconnectReason
(Session session, TimeoutIndicator timeoutStatus) Invoked when an internal timeout has expired (e.g., authentication, idle).default boolean
handleUnsupportedServiceDisconnectReason
(Session session, int cmd, String serviceName, Buffer buffer) Invoked when a request has been made related to an unknown SSH service as described in RFC 4253 - section 10.
-
Method Details
-
handleTimeoutDisconnectReason
default boolean handleTimeoutDisconnectReason(Session session, TimeoutIndicator timeoutStatus) throws IOException Invoked when an internal timeout has expired (e.g., authentication, idle).- Parameters:
session
- The session whose timeout has expiredtimeoutStatus
- The expired timeout- Returns:
true
if expired timeout should be reset (i.e., no disconnect). Iffalse
then session will disconnect due to the expired timeout- Throws:
IOException
- If failed to handle the event
-
handleSessionsCountDisconnectReason
default boolean handleSessionsCountDisconnectReason(Session session, Service service, String username, int currentSessionCount, int maxSessionCount) throws IOException Called to inform that the maximum allowed concurrent sessions threshold has been exceeded. Note: when handler is invoked the session is not yet marked as having been authenticated, nor has the authentication success been acknowledged to the peer.- Parameters:
session
- The session that caused the excessservice
- TheService
instance through which the request was receivedusername
- The authenticated username that is associated with the session.currentSessionCount
- The current sessions countmaxSessionCount
- The maximum allowed sessions count- Returns:
true
if accept the exceeding session regardless of the threshold. Iffalse
then exceeding session will be disconnected- Throws:
IOException
- If failed to handle the event, Note: choosing to ignore this disconnect reason does not reset the current concurrent sessions counter in any way - i.e., the handler will be re-invoked every time the threshold is exceeded.- See Also:
-
handleUnsupportedServiceDisconnectReason
default boolean handleUnsupportedServiceDisconnectReason(Session session, int cmd, String serviceName, Buffer buffer) throws IOException Invoked when a request has been made related to an unknown SSH service as described in RFC 4253 - section 10.- Parameters:
session
- The session through which the command was receivedcmd
- The service related commandserviceName
- The service namebuffer
- Any extra data received in the packet containing the request- Returns:
true
if disregard the request (e.g., the handler handled it)- Throws:
IOException
- If failed to handle the request
-
handleAuthCountDisconnectReason
default boolean handleAuthCountDisconnectReason(Session session, Service service, String serviceName, String method, String user, int currentAuthCount, int maxAuthCount) throws IOException Invoked if the number of authentication attempts exceeded the maximum allowed- Parameters:
session
- The session being authenticatedservice
- TheService
instance through which the request was receivedserviceName
- The authentication service namemethod
- The authentication method nameuser
- The authentication usernamecurrentAuthCount
- The authentication attempt countmaxAuthCount
- The maximum allowed attempts- Returns:
true
if OK to ignore the exceeded attempt count and allow more attempts. Note: choosing to ignore this disconnect reason does not reset the current count - i.e., it will be re-invoked on the next attempt.- Throws:
IOException
- If failed to handle the event
-
handleAuthParamsDisconnectReason
default boolean handleAuthParamsDisconnectReason(Session session, Service service, String authUser, String username, String authService, String serviceName) throws IOException Invoked if the authentication parameters changed in mid-authentication process.- Parameters:
session
- The session being authenticatedservice
- TheService
instance through which the request was receivedauthUser
- The original username being authenticatedusername
- The requested usernameauthService
- The original authentication service nameserviceName
- The requested service name- Returns:
true
if OK to ignore the change- Throws:
IOException
- If failed to handle the event
-
handleKexDisconnectReason
default boolean handleKexDisconnectReason(Session session, Map<KexProposalOption, String> c2sOptions, Map<KexProposalOption, throws IOExceptionString> s2cOptions, Map<KexProposalOption, String> negotiatedGuess, KexProposalOption option) Invoked if after KEX negotiation parameters resolved one of the options violates some internal constraint (e.g., cannot negotiate a value, or RFC 8308 - section 2.2).- Parameters:
session
- The session where the violation occurredc2sOptions
- The client optionss2cOptions
- The server optionsnegotiatedGuess
- The negotiated KEX optionsoption
- The violatingKexProposalOption
- Returns:
true
if disregard the violation - iffalse
then session will disconnect- Throws:
IOException
- if attempted to exchange some packets to fix the situation
-