Package org.apache.sshd.server.auth.pubkey

Class CachingPublicKeyAuthenticator

java.lang.Object

org.apache.sshd.common.util.logging.AbstractLoggingBean

org.apache.sshd.server.auth.pubkey.CachingPublicKeyAuthenticator

All Implemented Interfaces:

PublickeyAuthenticator

public class CachingPublicKeyAuthenticator
extends AbstractLoggingBean
implements PublickeyAuthenticator

Caches the result per session - compensates for OpenSSH behavior where it sends 2 requests with the same key (see SSHD-300).

Field Summary

Fields

Modifier and Type	Field	Description
protected PublickeyAuthenticator	authenticator
static AttributeRepository.AttributeKey<java.util.Map<java.security.PublicKey,java.lang.Boolean>>	CACHE_ATTRIBUTE	The AttributeKey used to store the cached authentication results on the session instance

Fields inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean

log

Constructor Summary

Constructors

Constructor	Description
CachingPublicKeyAuthenticator(PublickeyAuthenticator authenticator)

Method Summary

Modifier and Type	Method	Description
boolean	authenticate(java.lang.String username, java.security.PublicKey key, ServerSession session)	Checks whether the given PublicKey is allowed to be used for authenticating user "username" in a session.
protected java.util.Map<java.security.PublicKey,java.lang.Boolean>	resolveCachedResults(java.lang.String username, java.security.PublicKey key, ServerSession session)

Methods inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean

debug, debug, debug, debug, debug, error, error, error, error, error, getSimplifiedLogger, info, info, warn, warn, warn, warn, warn, warn, warn, warn

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

CACHE_ATTRIBUTE

public static final AttributeRepository.AttributeKey<java.util.Map<java.security.PublicKey,java.lang.Boolean>> CACHE_ATTRIBUTE

The AttributeKey used to store the cached authentication results on the session instance

authenticator

protected final PublickeyAuthenticator authenticator

Constructor Detail

CachingPublicKeyAuthenticator

public CachingPublicKeyAuthenticator(PublickeyAuthenticator authenticator)

Method Detail

authenticate

public boolean authenticate(java.lang.String username,
                            java.security.PublicKey key,
                            ServerSession session)

Description copied from interface: PublickeyAuthenticator

Checks whether the given PublicKey is allowed to be used for authenticating user "username" in a session.

Note that the key may be a OpenSshCertificate. A typical implementation for a certificate would check that the certificate's CA key is known to be trusted as a certificate authority, and that the given user name is listed in the certificate's principals.

Specified by:

authenticate in interface PublickeyAuthenticator

Parameters:

username - the username

key - the key

session - the server session

Returns:

true if the key may be used; false otherwise

resolveCachedResults

protected java.util.Map<java.security.PublicKey,java.lang.Boolean> resolveCachedResults(java.lang.String username,
                                                                                              java.security.PublicKey key,
                                                                                              ServerSession session)