com.mindbright.ssh2
Interface SSH2AuthModule

All Known Implementing Classes:
SSH2AuthKbdInteract, SSH2AuthPassword, SSH2AuthPublicKey, SSH2AuthSSHComSecurID

public interface SSH2AuthModule

Defines an authentication module implementing an authentication method (as defined in the userauth protocol spec). Since authentication methods can be very different this interface is very simple and the class implementing it must handle the processing and formatting of the packets specific to the authentication method it implements. Each authentication module is associated with an authentication method name when adding it to the SSH2Authenticator with which it should be used.

An authentication module is started when SSH2UserAuth calls its startAuthentication method which must return the first packet to send to the peer to initiate this authentication method. After this the module gets all incoming method specific packets passed to its processMethodMessage method. This method is expected to return formatted packets which the peer end of the authentication wants in response. Exceptions that occur during the execution of a module is reported to the corresponding SSH2Authenticator. The special exception SSH2UserCancelException can be thrown to indicate that the user canceled this authentication method and that authentication should not continue.

Request packets can created with the convenience method createUserAuthRequest in SSH2UserAuth. Method specific packets are created with the ordinary createOutgoingPacket method in SSH2TransportPDU.

See Also:
SSH2UserAuth, SSH2Authenticator, SSH2TransportPDU

Method Summary
 void clearSensitiveData()
          Clean up any sensitive data in this authentication module.
 java.lang.String getStandardName()
          Should give the standard name of this module as used in the userauth protocol.
 SSH2TransportPDU processMethodMessage(SSH2UserAuth userAuth, SSH2TransportPDU pdu)
          Processes the given method specific packet and returns a new packet which will be sent to peer to continue the authentication.
 boolean retryPointless()
          Returns true if there is not any point in trying this method again after it has failed once.
 SSH2TransportPDU startAuthentication(SSH2UserAuth userAuth)
          Starts the execution of this module, called from the given SSH2UserAuth.
 

Method Detail

getStandardName

public java.lang.String getStandardName()
Should give the standard name of this module as used in the userauth protocol.

Returns:
the standard name of the module

startAuthentication

public SSH2TransportPDU startAuthentication(SSH2UserAuth userAuth)
                                     throws SSH2Exception
Starts the execution of this module, called from the given SSH2UserAuth.

Parameters:
userAuth - the authentication layer responsible
Returns:
the packet which starts this authentication method (i.e. when sent to peer)
Throws:
SSH2Exception - if an error occurs

processMethodMessage

public SSH2TransportPDU processMethodMessage(SSH2UserAuth userAuth,
                                             SSH2TransportPDU pdu)
                                      throws SSH2Exception
Processes the given method specific packet and returns a new packet which will be sent to peer to continue the authentication.

Parameters:
userAuth - the authentication layer responsible
pdu - the method specific packet
Returns:
the new packet to send to peer, or null if no packet should be sent.
Throws:
SSH2Exception - if an error occurs

clearSensitiveData

public void clearSensitiveData()
Clean up any sensitive data in this authentication module. This should be called once the authentication is done.


retryPointless

public boolean retryPointless()
Returns true if there is not any point in trying this method again after it has failed once.