1 /*
2 * SSHTools - Java SSH2 API
3 *
4 * Copyright (C) 2002-2003 Lee David Painter and Contributors.
5 *
6 * Contributions made by:
7 *
8 * Brett Smith
9 * Richard Pernavas
10 * Erwin Bolwidt
11 *
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; either version 2
15 * of the License, or (at your option) any later version.
16 *
17 * This program is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
21 *
22 * You should have received a copy of the GNU General Public License
23 * along with this program; if not, write to the Free Software
24 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
25 */
26 package com.sshtools.daemon.authentication;
27
28 import com.sshtools.daemon.platform;
29
30 import com.sshtools.j2ssh.authentication;
31 import com.sshtools.j2ssh.transport;
32
33 import org.apache.commons.logging;
34
35 import java.io;
36
37 import java.util;
38
39
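/**
 * Server-side "keyboard-interactive" authentication method that asks the
 * client for a single password and verifies it through the platform's
 * {@link NativeAuthenticationProvider}.
 *
 * <p>If the provider signals that the password must be changed, a second
 * prompt round collects a new password plus confirmation and forwards the
 * change to the provider.</p>
 *
 * <p>Security notes:</p>
 * <ul>
 * <li>The user name comes from the client's authentication request and is
 * therefore untrusted; it is stripped of control characters before being
 * written to the log so that it cannot forge or split log records.</li>
 * <li>Passwords are never logged.</li>
 * <li>Each call to {@link #authenticate} issues one password prompt only;
 * any retry limit or rate limiting has to be enforced by the caller.</li>
 * </ul>
 *
 * @author $author$
 * @version $Revision: 1.10 $
 */
public class KBIPasswordAuthenticationServer extends SshAuthenticationServer {
    private static final Log log = LogFactory.getLog(KBIPasswordAuthenticationServer.class);

    /**
     * Returns the SSH authentication method name served by this class.
     *
     * @return the constant {@code "keyboard-interactive"}
     */
    public final String getMethodName() {
        return "keyboard-interactive";
    }

    /**
     * Accepts the tokens of previously completed authentications. This
     * method ignores them.
     *
     * @param tokens ignored
     */
    public void setAuthenticatedTokens(Map tokens) {
    }

    /**
     * Runs one keyboard-interactive password exchange with the client.
     *
     * @param authentication the protocol server used to send prompts and
     *        read the client's replies
     * @param msg the client's authentication request; supplies the user name
     *
     * @return {@link AuthenticationProtocolState#COMPLETE} when the password
     *         was accepted (or a required password change succeeded),
     *         otherwise {@link AuthenticationProtocolState#FAILED}
     *
     * @throws IOException if sending a prompt or reading a reply fails
     */
    public int authenticate(AuthenticationProtocolServer authentication,
        SshMsgUserAuthRequest msg) throws IOException { //, Map nativeSettings)

        NativeAuthenticationProvider authImpl = NativeAuthenticationProvider.getInstance();

        if (authImpl == null) {
            log.error(
                "Cannot perform authentication without native authentication provider");

            return AuthenticationProtocolState.FAILED;
        }

        String username = msg.getUsername();

        // The raw name goes to the provider; only the sanitized copy is logged.
        String logName = sanitizeForLog(username);

        authentication.registerMessage(SshMsgUserAuthInfoResponse.SSH_MSG_USERAUTH_INFO_RESPONSE,
            SshMsgUserAuthInfoResponse.class);

        SshMsgUserAuthInfoRequest info = new SshMsgUserAuthInfoRequest("Password authentication",
                "", "");

        // NOTE(review): the second argument is presumably the "echo" flag,
        // i.e. false asks the client not to display the typed value - confirm.
        info.addPrompt(username + "'s password", false);
        authentication.sendMessage(info);

        String[] responses = readResponses(authentication, 1);

        if (responses == null) {
            return AuthenticationProtocolState.FAILED;
        }

        String password = responses[0];

        try {
            if (authImpl.logonUser(username, password)) { //, nativeSettings)) {
                log.info(logName + " has passed password authentication");

                return AuthenticationProtocolState.COMPLETE;
            }

            log.info(logName + " has failed password authentication");

            return AuthenticationProtocolState.FAILED;
        } catch (PasswordChangeException ex) {
            log.info(logName + " is required to change password");

            return changePassword(authentication, authImpl, username, logName,
                password);
        }
    }

    /**
     * Prompts for a new password and its confirmation and, when both match,
     * asks the provider to change the password.
     */
    private int changePassword(AuthenticationProtocolServer authentication,
        NativeAuthenticationProvider authImpl, String username, String logName,
        String oldPassword) throws IOException {
        SshMsgUserAuthInfoRequest info = new SshMsgUserAuthInfoRequest("Password change required",
                "", "");
        info.addPrompt("New password", false);
        info.addPrompt("Confirm password", false);
        authentication.sendMessage(info);

        String[] responses = readResponses(authentication, 2);

        if (responses == null) {
            return AuthenticationProtocolState.FAILED;
        }

        String newPassword = responses[0];

        if ((newPassword == null) || !newPassword.equals(responses[1])) {
            log.info(logName +
                " supplied a new password and confirmation that do not match");

            return AuthenticationProtocolState.FAILED;
        }

        if (authImpl.changePassword(username, oldPassword, newPassword)) {
            // Audit trail: a credential change is a security-relevant event.
            log.info(logName + " has changed password");

            return AuthenticationProtocolState.COMPLETE;
        }

        log.info(logName + " has failed to change password");

        return AuthenticationProtocolState.FAILED;
    }

    /**
     * Reads the next client message and returns its responses when it is an
     * info response carrying exactly {@code expected} values; otherwise logs
     * the reason and returns {@code null}.
     */
    private String[] readResponses(
        AuthenticationProtocolServer authentication, int expected)
        throws IOException {
        SshMessage response = authentication.readMessage();

        if (!(response instanceof SshMsgUserAuthInfoResponse)) {
            log.error("Client replied with an invalid message " +
                ((response == null) ? "null" : response.getMessageName()));

            return null;
        }

        String[] responses = ((SshMsgUserAuthInfoResponse) response).getResponses();
        int received = (responses == null) ? 0 : responses.length;

        if (received != expected) {
            // Covers too few as well as too many values.
            log.error("Client responded with " + received +
                " value(s), expected " + expected);

            return null;
        }

        return responses;
    }

    /**
     * Returns {@code value} with every ISO control character (CR, LF, ESC,
     * ...) replaced by {@code '?'} so that client-supplied text cannot inject
     * or split log records.
     */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return "<null>";
        }

        StringBuffer cleaned = new StringBuffer(value.length());

        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            cleaned.append(Character.isISOControl(c) ? '?' : c);
        }

        return cleaned.toString();
    }
}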