com.mindbright.ssh2
Class SSH2UserAuth

java.lang.Object
  extended bycom.mindbright.ssh2.SSH2UserAuth

public final class SSH2UserAuth
extends java.lang.Object

This class implements the user authentication layer of the secure shell version 2 (ssh2) protocol stack. It operates on a connected SSH2Transport and uses a SSH2Authenticator which contains the user's name and a list of one or more authentication methods (each coupled to a SSH2AuthModule instance) to try to authenticate the user.

To create a SSH2UserAuth instance a connected SSH2Transport and a SSH2Authenticator must be created first to be passed to the constructor. The constructor is passive in that it doesn't start any communication. To start the authentication process the method authenticateUser must be called. This method blocks (the authentication process is run in the calling thread) until either the user is authenticated or authentication fails.

While the authentication process runs events are reported through callbacks to the SSH2Authenticator. Each SSH2AuthModule instance (one active at a time) handles the actual processing and formatting of the packets specific to the authentication method it represents.

See Also:
SSH2Transport, SSH2Authenticator, SSH2AuthModule

Constructor Summary
SSH2UserAuth(SSH2Transport transport, SSH2Authenticator authenticator)
          This is the constructor.
 
Method Summary
 boolean authenticateUser(java.lang.String service)
          Authenticates the user represented by the authenticator to run the given service (currently "ssh-connection" is the only defined service).
 boolean authenticateUser(java.lang.String service, long timeout)
           
 SSH2TransportPDU createUserAuthRequest(java.lang.String method)
          Creates a packet of type USERAUTH_REQUEST (as defined in the userauth protocol spec.).
 SSH2Authenticator getAuthenticator()
          Gets our authenticator.
 SSH2Transport getTransport()
          Gets our transport layer.
 boolean isAuthenticated()
          Checks if the user represented by the SSH2Authenticator we process has been authenticated yet.
 void terminate()
          Terminates the authentication process.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SSH2UserAuth

public SSH2UserAuth(SSH2Transport transport,
                    SSH2Authenticator authenticator)
This is the constructor. It uses the transport layer. It takes a SSH2Authenticator which contains the user to authenticate and provides a list of the authentication methods to try. It is also used to report authentication events.

Parameters:
transport - the transport layer
authenticator - the authenticator containing authentication info for the user it represents.
Method Detail

getTransport

public SSH2Transport getTransport()
Gets our transport layer.

Returns:
the transport layer

getAuthenticator

public SSH2Authenticator getAuthenticator()
Gets our authenticator.

Returns:
the authenticator in use

authenticateUser

public boolean authenticateUser(java.lang.String service)
Authenticates the user represented by the authenticator to run the given service (currently "ssh-connection" is the only defined service). The authentication process is run in the callers thread hence the call blocks until either the user is authenticated or the authentication fails.

Parameters:
service - the service to request
Returns:
a boolean indicating whether authentication succeeded or not

authenticateUser

public boolean authenticateUser(java.lang.String service,
                                long timeout)

createUserAuthRequest

public SSH2TransportPDU createUserAuthRequest(java.lang.String method)
Creates a packet of type USERAUTH_REQUEST (as defined in the userauth protocol spec.). This is a convenience method which creates the whole packet given the method name (i.e. fills in username and service). It is typically used by SSH2AuthModule implementors to create the packet to return from the method startAuthentication.

Parameters:
method - the name of the authentication method
Returns:
the complete USERAUTH_REQUEST packet

terminate

public void terminate()
Terminates the authentication process.


isAuthenticated

public boolean isAuthenticated()
Checks if the user represented by the SSH2Authenticator we process has been authenticated yet.

Returns:
a boolean indicating if the user is authenticated or not