public class AuthorizedKeysAuthenticator extends ModifiableFileWatcher implements PublickeyAuthenticator

Implements PublickeyAuthenticator while automatically re-loading the keys if the file has changed when a new authentication request is received. Note: by default, the only validation of the username is that it is not null/empty - see isValidUsername(String, ServerSession)
Modifier and Type | Field and Description |
---|---|
static String | STD_AUTHORIZED_KEYS_FILENAME: Standard OpenSSH authorized keys file name |
options, STRICTLY_PROHIBITED_FILE_PERMISSION
log
Constructor and Description |
---|
AuthorizedKeysAuthenticator(Path file) |
AuthorizedKeysAuthenticator(Path file, LinkOption... options) |
Modifier and Type | Method and Description |
---|---|
boolean | authenticate(String username, PublicKey key, ServerSession session): Check the validity of a public key. |
protected PublickeyAuthenticator | createDelegateAuthenticator(String username, ServerSession session, Path path, Collection<AuthorizedKeyEntry> entries, PublicKeyEntryResolver fallbackResolver) |
static Path | getDefaultAuthorizedKeysFile() |
protected PublicKeyEntryResolver | getFallbackPublicKeyEntryResolver() |
protected boolean | isValidUsername(String username, ServerSession session) |
static List<AuthorizedKeyEntry> | readDefaultAuthorizedKeys(OpenOption... options): Reads the contents of the default OpenSSH authorized_keys file |
protected Collection<AuthorizedKeyEntry> | reloadAuthorizedKeys(Path path, String username, ServerSession session) |
protected PublickeyAuthenticator | resolvePublickeyAuthenticator(String username, ServerSession session) |
checkReloadRequired, exists, getPath, lastModified, resetReloadAttributes, size, toPathResource, toPathResource, toString, updateReloadAttributes, validateStrictConfigFilePermissions
debug, debug, debug, debug, debug, error, error, error, error, error, getSimplifiedLogger, info, info, warn, warn, warn, warn, warn, warn, warn, warn
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
fromAuthorizedEntries
public static final String STD_AUTHORIZED_KEYS_FILENAME

public AuthorizedKeysAuthenticator(Path file)

public AuthorizedKeysAuthenticator(Path file, LinkOption... options)

public boolean authenticate(String username, PublicKey key, ServerSession session)
Specified by: authenticate in interface PublickeyAuthenticator
Parameters:
username - the username
key - the key
session - the server session

protected boolean isValidUsername(String username, ServerSession session)

protected PublickeyAuthenticator resolvePublickeyAuthenticator(String username, ServerSession session) throws IOException, GeneralSecurityException
Throws:
IOException
GeneralSecurityException

protected PublickeyAuthenticator createDelegateAuthenticator(String username, ServerSession session, Path path, Collection<AuthorizedKeyEntry> entries, PublicKeyEntryResolver fallbackResolver) throws IOException, GeneralSecurityException
Throws:
IOException
GeneralSecurityException

protected PublicKeyEntryResolver getFallbackPublicKeyEntryResolver()

protected Collection<AuthorizedKeyEntry> reloadAuthorizedKeys(Path path, String username, ServerSession session) throws IOException, GeneralSecurityException
Throws:
IOException
GeneralSecurityException

public static Path getDefaultAuthorizedKeysFile()
Returns: Path location of the OpenSSH authorized keys file

public static List<AuthorizedKeyEntry> readDefaultAuthorizedKeys(OpenOption... options) throws IOException
Reads the contents of the default OpenSSH authorized_keys file
Parameters:
options - The OpenOptions to use when reading the file
Returns: List of all the AuthorizedKeyEntry-ies found there - or empty if file does not exist
Throws:
IOException - If failed to read keys from file

Copyright © 2008–2024 The Apache Software Foundation. All rights reserved.