com.sshtools.server

Class OpenSshCACertificateStoreImpl

java.lang.Object

com.sshtools.server.OpenSshCACertificateStoreImpl

All Implemented Interfaces:

Authenticator, PublicKeyAuthenticationProvider

public class OpenSshCACertificateStoreImpl
extends Object
implements PublicKeyAuthenticationProvider

Constructor Summary

Constructors

Constructor and Description
OpenSshCACertificateStoreImpl(Collection<SshPublicKey> caPublicKeys)
OpenSshCACertificateStoreImpl(SshPublicKey caPublicKey)

Method Summary

Modifier and Type	Method and Description
void	add(SshPublicKey key, String comment, Connection<SshServerContext> con)
void	addCAKey(SshPublicKey caKey)
Iterator<SshPublicKeyFile>	getKeys(Connection<SshServerContext> con)
boolean	isAuthorizedKey(SshPublicKey key, Connection<SshServerContext> con) Check the supplied public key against the users authorized keys.
void	remove(SshPublicKey key, Connection<SshServerContext> con)
void	removeKey(SshPublicKey caKey)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OpenSshCACertificateStoreImpl

public OpenSshCACertificateStoreImpl(SshPublicKey caPublicKey)

OpenSshCACertificateStoreImpl

public OpenSshCACertificateStoreImpl(Collection<SshPublicKey> caPublicKeys)

Method Detail

addCAKey

public void addCAKey(SshPublicKey caKey)
              throws SshException

Throws:

SshException

removeKey

public void removeKey(SshPublicKey caKey)

isAuthorizedKey

public boolean isAuthorizedKey(SshPublicKey key,
                               Connection<SshServerContext> con)

Description copied from interface: PublicKeyAuthenticationProvider

Check the supplied public key against the users authorized keys. The actual verification of the key is performed by the server, you only need to return a value to indicate whether the key is authorized or not. You can obtain the username, home directory, group or remote socket address from the PasswordAuthenticationProvider instance.

If your authorized key database is kept on the native file system you can obtain and initialize an instance as follows:

 NativeFileSystemProvider nfs = (NativeFileSystemProvider) authenticationProvider
                .getContext().getFileSystemProvider().newInstance();
 
 nfs.init(sessionid, null, authenticationProvider.getContext());
 

Don't forget to close any file handles and the file system once you've done accessing files.

Specified by:

isAuthorizedKey in interface PublicKeyAuthenticationProvider

Parameters:

key - SshPublicKey

con - connection

Returns:

boolean true if the key is an authorized key, otherwise false

getKeys

public Iterator<SshPublicKeyFile> getKeys(Connection<SshServerContext> con)
                                   throws PermissionDeniedException,
                                          IOException

Specified by:

getKeys in interface PublicKeyAuthenticationProvider

Throws:

PermissionDeniedException

IOException

remove

public void remove(SshPublicKey key,
                   Connection<SshServerContext> con)
            throws IOException,
                   PermissionDeniedException,
                   SshException

Specified by:

remove in interface PublicKeyAuthenticationProvider

Throws:

IOException

PermissionDeniedException

SshException

add

public void add(SshPublicKey key,
                String comment,
                Connection<SshServerContext> con)
         throws IOException,
                PermissionDeniedException,
                SshException

Specified by:

add in interface PublicKeyAuthenticationProvider

Throws:

IOException

PermissionDeniedException

SshException