001: /*
002: * SSHTools - Java SSH2 API
003: *
004: * Copyright (C) 2002-2003 Lee David Painter and Contributors.
005: *
006: * Contributions made by:
007: *
008: * Brett Smith
009: * Richard Pernavas
010: * Erwin Bolwidt
011: *
012: * This program is free software; you can redistribute it and/or
013: * modify it under the terms of the GNU General Public License
014: * as published by the Free Software Foundation; either version 2
015: * of the License, or (at your option) any later version.
016: *
017: * This program is distributed in the hope that it will be useful,
018: * but WITHOUT ANY WARRANTY; without even the implied warranty of
019: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
020: * GNU General Public License for more details.
021: *
022: * You should have received a copy of the GNU General Public License
023: * along with this program; if not, write to the Free Software
024: * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
025: */
026: package com.sshtools.daemon.authentication;
027:
028: import com.sshtools.daemon.platform.*;
029:
030: import com.sshtools.j2ssh.authentication.*;
031: import com.sshtools.j2ssh.io.*;
032:
033: import org.apache.commons.logging.*;
034:
035: import java.io.*;
036:
037: import java.util.*;
038:
039: /**
040: *
041: *
042: * @author $author$
043: * @version $Revision: 1.10 $
044: */
045: public class PasswordAuthenticationServer extends
046: SshAuthenticationServer {
047: private static Log log = LogFactory
048: .getLog(PasswordAuthenticationServer.class);
049:
050: /**
051: *
052: *
053: * @return
054: */
055: public final String getMethodName() {
056: return "password";
057: }
058:
059: /**
060: *
061: *
062: * @param tokens
063: */
064: public void setAuthenticatedTokens(Map tokens) {
065: }
066:
067: /**
068: *
069: *
070: * @param authentication
071: * @param msg
072: *
073: * @return
074: *
075: * @throws IOException
076: */
077: public int authenticate(
078: AuthenticationProtocolServer authentication,
079: SshMsgUserAuthRequest msg) throws IOException {
080: NativeAuthenticationProvider authImpl = NativeAuthenticationProvider
081: .getInstance();
082:
083: if (authImpl == null) {
084: log
085: .error("Cannot perfrom authentication witout native authentication provider");
086:
087: return AuthenticationProtocolState.FAILED;
088: }
089:
090: ByteArrayReader bar = new ByteArrayReader(msg.getRequestData());
091: boolean changepwd = ((bar.read() == 0) ? false : true);
092: String password = bar.readString();
093: String newpassword = null;
094:
095: if (changepwd) {
096: newpassword = bar.readString();
097:
098: try {
099: if (!authImpl.changePassword(msg.getUsername(),
100: password, newpassword)) {
101: return AuthenticationProtocolState.FAILED;
102: }
103:
104: if (authImpl.logonUser(msg.getUsername(), newpassword)) {
105: return AuthenticationProtocolState.COMPLETE;
106: } else {
107: return AuthenticationProtocolState.FAILED;
108: }
109: } catch (PasswordChangeException ex1) {
110: return AuthenticationProtocolState.FAILED;
111: }
112: } else {
113: try {
114: if (authImpl.logonUser(msg.getUsername(), password)) {
115: log.info(msg.getUsername()
116: + " has passed password authentication");
117:
118: return AuthenticationProtocolState.COMPLETE;
119: } else {
120: log.info(msg.getUsername()
121: + " has failed password authentication");
122:
123: return AuthenticationProtocolState.FAILED;
124: }
125: } catch (PasswordChangeException ex) {
126: SshMsgUserAuthPwdChangeReq reply = new SshMsgUserAuthPwdChangeReq(
127: msg.getUsername()
128: + " is required to change password", "");
129: authentication.sendMessage(reply);
130:
131: return AuthenticationProtocolState.READY;
132: }
133: }
134: }
135: }
|