| | |
|---|
| | | import com.google.common.base.Preconditions; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * |
|---|
| | | * |
|---|
| | | * @author Eric Myrhe |
|---|
| | | * |
|---|
| | | * |
|---|
| | | */ |
|---|
| | | public class CachingPublicKeyAuthenticator implements PublickeyAuthenticator, |
|---|
| | | SessionListener { |
|---|
| | | |
|---|
| | | protected final Logger log = LoggerFactory.getLogger(getClass()); |
|---|
| | | |
|---|
| | | protected final IKeyManager keyManager; |
|---|
| | | protected final IPublicKeyManager keyManager; |
|---|
| | | |
|---|
| | | protected final IAuthenticationManager authManager; |
|---|
| | | |
|---|
| | | private final Map<ServerSession, Map<PublicKey, Boolean>> cache = |
|---|
| | | new ConcurrentHashMap<ServerSession, Map<PublicKey, Boolean>>(); |
|---|
| | | |
|---|
| | | public CachingPublicKeyAuthenticator(IKeyManager keyManager, |
|---|
| | | public CachingPublicKeyAuthenticator(IPublicKeyManager keyManager, |
|---|
| | | IAuthenticationManager authManager) { |
|---|
| | | this.keyManager = keyManager; |
|---|
| | | this.authManager = authManager; |
|---|
| | |
|---|
| | | return result; |
|---|
| | | } |
|---|
| | | |
|---|
| | | protected boolean doAuthenticate(String username, PublicKey suppliedKey, |
|---|
| | | private boolean doAuthenticate(String username, PublicKey suppliedKey, |
|---|
| | | ServerSession session) { |
|---|
| | | SshDaemonClient client = session.getAttribute(SshDaemonClient.KEY); |
|---|
| | | Preconditions.checkState(client.getUser() == null); |
|---|
| | | username = username.toLowerCase(Locale.US); |
|---|
| | | List<PublicKey> keys = keyManager.getKeys(username); |
|---|
| | | List<SshKey> keys = keyManager.getKeys(username); |
|---|
| | | if (keys == null || keys.isEmpty()) { |
|---|
| | | log.info("{} has not added any public keys for ssh authentication", |
|---|
| | | username); |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | |
|---|
| | | for (PublicKey key : keys) { |
|---|
| | | for (SshKey key : keys) { |
|---|
| | | if (key.equals(suppliedKey)) { |
|---|
| | | UserModel user = authManager.authenticate(username, key); |
|---|
| | | if (user != null) { |
|---|
| | | client.setUser(user); |
|---|
| | | client.setKey(key); |
|---|
| | | return true; |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | log.warn( |
|---|
| | | "could not authenticate {} for SSH using the supplied public key", |
|---|
| | | log.warn("could not authenticate {} for SSH using the supplied public key", |
|---|
| | | username); |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | |
|---|
| | | public IKeyManager getKeyManager() { |
|---|
| | | return keyManager; |
|---|
| | | } |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | public void sessionCreated(Session session) { |
|---|
| | | } |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | public void sessionEvent(Session sesssion, Event event) { |
|---|
| | | } |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | public void sessionClosed(Session session) { |
|---|
| | | cache.remove(session); |
|---|
| | | } |
|---|
