Interface UserAuthMethodFactory<S extends SessionContext,​M extends UserAuthInstance<S>>

    • Field Detail

      • PASSWORD

        static final java.lang.String PASSWORD
        Password authentication method name
        See Also:
        Constant Field Values
      • PUBLIC_KEY

        static final java.lang.String PUBLIC_KEY
        Public key authentication method name
        See Also:
        Constant Field Values
      • KB_INTERACTIVE

        static final java.lang.String KB_INTERACTIVE
        Keyboard interactive authentication method
        See Also:
        Constant Field Values
      • HOST_BASED

        static final java.lang.String HOST_BASED
        Host-based authentication method
        See Also:
        Constant Field Values
    • Method Detail

      • createUserAuth

        M createUserAuth​(S session)
                  throws java.io.IOException
        Parameters:
        session - The session for which authentication is required
        Returns:
        The authenticator instance
        Throws:
        java.io.IOException - If failed to create the instance
      • createUserAuth

        static <S extends SessionContext,​M extends UserAuthInstance<S>> M createUserAuth​(S session,
                                                                                               java.util.Collection<? extends UserAuthMethodFactory<S,​M>> factories,
                                                                                               java.lang.String name)
                                                                                        throws java.io.IOException
        Type Parameters:
        S - The type of SessionContext being provided to the instance creator
        M - The authentication method factory type
        Parameters:
        session - The session through which the request is being made
        factories - The available factories
        name - The requested factory name
        Returns:
        The created authenticator instance - null if no matching factory
        Throws:
        java.io.IOException - If failed to create the instance
      • isSecureAuthenticationTransport

        static boolean isSecureAuthenticationTransport​(SessionContext session)
        According to RFC 4252 - section 8:
              Both the server and the client should check whether the underlying
              transport layer provides confidentiality (i.e., if encryption is
              being used).  If no confidentiality is provided ("none" cipher),
              password authentication SHOULD be disabled.  If there is no
              confidentiality or no MAC, password change SHOULD be disabled.
         
        Parameters:
        session - The SessionContext being used for authentication
        Returns:
        true if the context is not null and the ciphers have been established to anything other than "none".
        See Also:
        CommonModuleProperties.ALLOW_INSECURE_AUTH, SessionContext.isSecureSessionTransport(SessionContext)