public class AuthorizedKeysAuthenticator extends ModifiableFileWatcher implements PublickeyAuthenticator
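Implements PublickeyAuthenticator using an authorized keys file,
while automatically re-loading the keys if
the file has changed when a new authentication request is received. Note: by default, the only validation of
the username is that it is not null/empty - see isValidUsername(String, ServerSession).
As a result, any non-empty username passes that check by default; override isValidUsername(String, ServerSession) when the keys in the file should only authenticate specific usernames.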
Modifier and Type | Class and Description |
---|---|
private static class |
AuthorizedKeysAuthenticator.LazyDefaultAuthorizedKeysFileHolder |
Modifier and Type | Field and Description |
---|---|
private java.util.concurrent.atomic.AtomicReference<PublickeyAuthenticator> |
delegateHolder |
static java.lang.String |
STD_AUTHORIZED_KEYS_FILENAME
Standard OpenSSH authorized keys file name
|
options, STRICTLY_PROHIBITED_FILE_PERMISSION
log
Constructor and Description |
---|
AuthorizedKeysAuthenticator(java.nio.file.Path file) |
AuthorizedKeysAuthenticator(java.nio.file.Path file,
java.nio.file.LinkOption... options) |
Modifier and Type | Method and Description |
---|---|
boolean |
authenticate(java.lang.String username,
java.security.PublicKey key,
ServerSession session)
Check the validity of a public key.
|
protected PublickeyAuthenticator |
createDelegateAuthenticator(java.lang.String username,
ServerSession session,
java.nio.file.Path path,
java.util.Collection<AuthorizedKeyEntry> entries,
PublicKeyEntryResolver fallbackResolver) |
static java.nio.file.Path |
getDefaultAuthorizedKeysFile() |
protected PublicKeyEntryResolver |
getFallbackPublicKeyEntryResolver() |
protected boolean |
isValidUsername(java.lang.String username,
ServerSession session) |
static java.util.List<AuthorizedKeyEntry> |
readDefaultAuthorizedKeys(java.nio.file.OpenOption... options)
Reads the contents of the default OpenSSH
authorized_keys file |
protected java.util.Collection<AuthorizedKeyEntry> |
reloadAuthorizedKeys(java.nio.file.Path path,
java.lang.String username,
ServerSession session) |
protected PublickeyAuthenticator |
resolvePublickeyAuthenticator(java.lang.String username,
ServerSession session) |
checkReloadRequired, exists, getPath, lastModified, resetReloadAttributes, size, toPathResource, toPathResource, toString, updateReloadAttributes, validateStrictConfigFilePermissions
debug, debug, debug, debug, debug, error, error, error, error, error, getSimplifiedLogger, info, info, warn, warn, warn, warn, warn, warn, warn, warn
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
fromAuthorizedEntries
public static final java.lang.String STD_AUTHORIZED_KEYS_FILENAME
private final java.util.concurrent.atomic.AtomicReference<PublickeyAuthenticator> delegateHolder
public AuthorizedKeysAuthenticator(java.nio.file.Path file)
public AuthorizedKeysAuthenticator(java.nio.file.Path file, java.nio.file.LinkOption... options)
public boolean authenticate(java.lang.String username, java.security.PublicKey key, ServerSession session)
Description copied from interface: PublickeyAuthenticator
Check the validity of a public key.
Specified by: authenticate in interface PublickeyAuthenticator
Parameters:
username - the username
key - the key
session - the server session
protected boolean isValidUsername(java.lang.String username, ServerSession session)
protected PublickeyAuthenticator resolvePublickeyAuthenticator(java.lang.String username, ServerSession session) throws java.io.IOException, java.security.GeneralSecurityException
java.io.IOException
java.security.GeneralSecurityException
protected PublickeyAuthenticator createDelegateAuthenticator(java.lang.String username, ServerSession session, java.nio.file.Path path, java.util.Collection<AuthorizedKeyEntry> entries, PublicKeyEntryResolver fallbackResolver) throws java.io.IOException, java.security.GeneralSecurityException
java.io.IOException
java.security.GeneralSecurityException
protected PublicKeyEntryResolver getFallbackPublicKeyEntryResolver()
protected java.util.Collection<AuthorizedKeyEntry> reloadAuthorizedKeys(java.nio.file.Path path, java.lang.String username, ServerSession session) throws java.io.IOException, java.security.GeneralSecurityException
java.io.IOException
java.security.GeneralSecurityException
public static java.nio.file.Path getDefaultAuthorizedKeysFile()
Returns: Path location of the OpenSSH authorized keys file
public static java.util.List<AuthorizedKeyEntry> readDefaultAuthorizedKeys(java.nio.file.OpenOption... options) throws java.io.IOException
Reads the contents of the default OpenSSH authorized_keys file
Parameters:
options - The OpenOptions to use when reading the file
Returns: List of all the AuthorizedKeyEntry-ies found there - or empty if file does not exist
Throws:
java.io.IOException - If failed to read keys from file