Class AuthorizedKeysAuthenticator
- java.lang.Object
-
- org.apache.sshd.common.util.logging.AbstractLoggingBean
-
- org.apache.sshd.common.util.io.ModifiableFileWatcher
-
- org.apache.sshd.server.config.keys.AuthorizedKeysAuthenticator
-
- All Implemented Interfaces:
PublickeyAuthenticator
- Direct Known Subclasses:
DefaultAuthorizedKeysAuthenticator
public class AuthorizedKeysAuthenticator extends ModifiableFileWatcher implements PublickeyAuthenticator
Uses the authorized keys file to implementPublickeyAuthenticator
while automatically re-loading the keys if the file has changed when a new authentication request is received. Note: by default, the only validation of the username is that it is notnull
/empty - seeisValidUsername(String, ServerSession)
- Author:
- Apache MINA SSHD Project
-
-
Field Summary
Fields Modifier and Type Field Description static String
STD_AUTHORIZED_KEYS_FILENAME
Standard OpenSSH authorized keys file name-
Fields inherited from class org.apache.sshd.common.util.io.ModifiableFileWatcher
options, STRICTLY_PROHIBITED_FILE_PERMISSION
-
Fields inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean
log
-
-
Constructor Summary
Constructors Constructor Description AuthorizedKeysAuthenticator(Path file)
AuthorizedKeysAuthenticator(Path file, LinkOption... options)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
authenticate(String username, PublicKey key, ServerSession session)
Check the validity of a public key.protected PublickeyAuthenticator
createDelegateAuthenticator(String username, ServerSession session, Path path, Collection<AuthorizedKeyEntry> entries, PublicKeyEntryResolver fallbackResolver)
static Path
getDefaultAuthorizedKeysFile()
protected PublicKeyEntryResolver
getFallbackPublicKeyEntryResolver()
protected boolean
isValidUsername(String username, ServerSession session)
static List<AuthorizedKeyEntry>
readDefaultAuthorizedKeys(OpenOption... options)
Reads read the contents of the default OpenSSHauthorized_keys
fileprotected Collection<AuthorizedKeyEntry>
reloadAuthorizedKeys(Path path, String username, ServerSession session)
protected PublickeyAuthenticator
resolvePublickeyAuthenticator(String username, ServerSession session)
-
Methods inherited from class org.apache.sshd.common.util.io.ModifiableFileWatcher
checkReloadRequired, exists, getPath, lastModified, resetReloadAttributes, size, toPathResource, toPathResource, toString, updateReloadAttributes, validateStrictConfigFilePermissions
-
-
-
-
Field Detail
-
STD_AUTHORIZED_KEYS_FILENAME
public static final String STD_AUTHORIZED_KEYS_FILENAME
Standard OpenSSH authorized keys file name- See Also:
- Constant Field Values
-
-
Constructor Detail
-
AuthorizedKeysAuthenticator
public AuthorizedKeysAuthenticator(Path file)
-
AuthorizedKeysAuthenticator
public AuthorizedKeysAuthenticator(Path file, LinkOption... options)
-
-
Method Detail
-
authenticate
public boolean authenticate(String username, PublicKey key, ServerSession session)
Description copied from interface:PublickeyAuthenticator
Check the validity of a public key.- Specified by:
authenticate
in interfacePublickeyAuthenticator
- Parameters:
username
- the usernamekey
- the keysession
- the server session- Returns:
- a boolean indicating if authentication succeeded or not
-
isValidUsername
protected boolean isValidUsername(String username, ServerSession session)
-
resolvePublickeyAuthenticator
protected PublickeyAuthenticator resolvePublickeyAuthenticator(String username, ServerSession session) throws IOException, GeneralSecurityException
- Throws:
IOException
GeneralSecurityException
-
createDelegateAuthenticator
protected PublickeyAuthenticator createDelegateAuthenticator(String username, ServerSession session, Path path, Collection<AuthorizedKeyEntry> entries, PublicKeyEntryResolver fallbackResolver) throws IOException, GeneralSecurityException
- Throws:
IOException
GeneralSecurityException
-
getFallbackPublicKeyEntryResolver
protected PublicKeyEntryResolver getFallbackPublicKeyEntryResolver()
-
reloadAuthorizedKeys
protected Collection<AuthorizedKeyEntry> reloadAuthorizedKeys(Path path, String username, ServerSession session) throws IOException, GeneralSecurityException
- Throws:
IOException
GeneralSecurityException
-
getDefaultAuthorizedKeysFile
public static Path getDefaultAuthorizedKeysFile()
- Returns:
- The default
Path
location of the OpenSSH authorized keys file
-
readDefaultAuthorizedKeys
public static List<AuthorizedKeyEntry> readDefaultAuthorizedKeys(OpenOption... options) throws IOException
Reads read the contents of the default OpenSSHauthorized_keys
file- Parameters:
options
- TheOpenOption
s to use when reading the file- Returns:
- A
List
of all theAuthorizedKeyEntry
-ies found there - or empty if file does not exist - Throws:
IOException
- If failed to read keys from file
-
-