diff options
| author | James Moger <james.moger@gitblit.com> | 2014-09-26 09:23:17 -0600 |
|---|---|---|
| committer | James Moger <james.moger@gitblit.com> | 2014-09-26 09:23:17 -0600 |
| commit | cbf820ffdc7c888b2130d6c14e179522ee6246b2 (patch) | |
| tree | 0cfddd7ac060cef23e8d9c143bf3713077e6ae77 /src/main/java/com | |
| parent | 3636765f0d46e513cb7aa1c665c49b933f435b22 (diff) | |
| parent | 7a273c783e31a9e87b702af8ac865df1d2d57c58 (diff) | |
| download | gitblit-cbf820ffdc7c888b2130d6c14e179522ee6246b2.tar.gz gitblit-cbf820ffdc7c888b2130d6c14e179522ee6246b2.zip | |
Merged #190 "Extract authenticate method from CachingPublicKeyAuthenticator"
Diffstat (limited to 'src/main/java/com')
| -rw-r--r-- | src/main/java/com/gitblit/transport/ssh/SshDaemon.java | 7 | ||||
| -rw-r--r-- | src/main/java/com/gitblit/transport/ssh/SshKeyAuthenticator.java (renamed from src/main/java/com/gitblit/transport/ssh/CachingPublicKeyAuthenticator.java) | 41 |
2 files changed, 7 insertions, 41 deletions
diff --git a/src/main/java/com/gitblit/transport/ssh/SshDaemon.java b/src/main/java/com/gitblit/transport/ssh/SshDaemon.java index 261daa66..d0b7490e 100644 --- a/src/main/java/com/gitblit/transport/ssh/SshDaemon.java +++ b/src/main/java/com/gitblit/transport/ssh/SshDaemon.java @@ -31,6 +31,7 @@ import org.apache.sshd.common.io.mina.MinaServiceFactoryFactory; import org.apache.sshd.common.io.nio2.Nio2ServiceFactoryFactory; import org.apache.sshd.common.keyprovider.FileKeyPairProvider; import org.apache.sshd.common.util.SecurityUtils; +import org.apache.sshd.server.auth.CachingPublicKeyAuthenticator; import org.bouncycastle.openssl.PEMWriter; import org.eclipse.jgit.internal.JGitText; import org.slf4j.Logger; @@ -95,8 +96,8 @@ public class SshDaemon { hostKeyPairProvider.setFiles(new String [] { rsaKeyStore.getPath(), dsaKeyStore.getPath(), dsaKeyStore.getPath() }); // Client public key authenticator - CachingPublicKeyAuthenticator keyAuthenticator = - new CachingPublicKeyAuthenticator(gitblit.getPublicKeyManager(), gitblit); + SshKeyAuthenticator keyAuthenticator = + new SshKeyAuthenticator(gitblit.getPublicKeyManager(), gitblit); // Configure the preferred SSHD backend String sshBackendStr = settings.getString(Keys.git.sshBackend, @@ -122,7 +123,7 @@ public class SshDaemon { sshd.setPort(addr.getPort()); sshd.setHost(addr.getHostName()); sshd.setKeyPairProvider(hostKeyPairProvider); - sshd.setPublickeyAuthenticator(keyAuthenticator); + sshd.setPublickeyAuthenticator(new CachingPublicKeyAuthenticator(keyAuthenticator)); sshd.setPasswordAuthenticator(new UsernamePasswordAuthenticator(gitblit)); sshd.setSessionFactory(new SshServerSessionFactory()); sshd.setFileSystemFactory(new DisabledFilesystemFactory()); diff --git a/src/main/java/com/gitblit/transport/ssh/CachingPublicKeyAuthenticator.java b/src/main/java/com/gitblit/transport/ssh/SshKeyAuthenticator.java index e804a0da..c28a2ed6 100644 --- a/src/main/java/com/gitblit/transport/ssh/CachingPublicKeyAuthenticator.java +++ b/src/main/java/com/gitblit/transport/ssh/SshKeyAuthenticator.java @@ -16,14 +16,9 @@ package com.gitblit.transport.ssh; import java.security.PublicKey; -import java.util.HashMap; import java.util.List; import java.util.Locale; -import java.util.Map; -import java.util.concurrent.ConcurrentHashMap; -import org.apache.sshd.common.Session; -import org.apache.sshd.common.SessionListener; import org.apache.sshd.server.PublickeyAuthenticator; import org.apache.sshd.server.session.ServerSession; import org.slf4j.Logger; @@ -37,7 +32,7 @@ import com.google.common.base.Preconditions; * Authenticates an SSH session against a public key. * */ -public class CachingPublicKeyAuthenticator implements PublickeyAuthenticator, SessionListener { +public class SshKeyAuthenticator implements PublickeyAuthenticator { protected final Logger log = LoggerFactory.getLogger(getClass()); @@ -45,30 +40,13 @@ public class CachingPublicKeyAuthenticator implements PublickeyAuthenticator, Se protected final IAuthenticationManager authManager; - private final Map<ServerSession, Map<PublicKey, Boolean>> cache = new ConcurrentHashMap<ServerSession, Map<PublicKey, Boolean>>(); - - public CachingPublicKeyAuthenticator(IPublicKeyManager keyManager, IAuthenticationManager authManager) { + public SshKeyAuthenticator(IPublicKeyManager keyManager, IAuthenticationManager authManager) { this.keyManager = keyManager; this.authManager = authManager; } @Override - public boolean authenticate(String username, PublicKey key, ServerSession session) { - Map<PublicKey, Boolean> map = cache.get(session); - if (map == null) { - map = new HashMap<PublicKey, Boolean>(); - cache.put(session, map); - session.addListener(this); - } - if (map.containsKey(key)) { - return map.get(key); - } - boolean result = doAuthenticate(username, key, session); - map.put(key, result); - return result; - } - - private boolean doAuthenticate(String username, PublicKey suppliedKey, ServerSession session) { + public boolean authenticate(String username, PublicKey suppliedKey, ServerSession session) { SshDaemonClient client = session.getAttribute(SshDaemonClient.KEY); Preconditions.checkState(client.getUser() == null); username = username.toLowerCase(Locale.US); @@ -96,17 +74,4 @@ public class CachingPublicKeyAuthenticator implements PublickeyAuthenticator, Se log.warn("could not authenticate {} for SSH using the supplied public key", username); return false; } - - @Override - public void sessionCreated(Session session) { - } - - @Override - public void sessionEvent(Session sesssion, Event event) { - } - - @Override - public void sessionClosed(Session session) { - cache.remove(session); - } } |