001    /*
002     * Copyright (C) 2012 eXo Platform SAS.
003     *
004     * This is free software; you can redistribute it and/or modify it
005     * under the terms of the GNU Lesser General Public License as
006     * published by the Free Software Foundation; either version 2.1 of
007     * the License, or (at your option) any later version.
008     *
009     * This software is distributed in the hope that it will be useful,
010     * but WITHOUT ANY WARRANTY; without even the implied warranty of
011     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
012     * Lesser General Public License for more details.
013     *
014     * You should have received a copy of the GNU Lesser General Public
015     * License along with this software; if not, write to the Free
016     * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
017     * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
018     */
019    package org.crsh.ssh.term;
020    
021    import org.apache.sshd.SshServer;
022    import org.apache.sshd.common.Session;
023    import org.apache.sshd.server.PasswordAuthenticator;
024    import org.apache.sshd.server.session.ServerSession;
025    import org.crsh.plugin.PluginContext;
026    import org.crsh.auth.AuthenticationPlugin;
027    import org.crsh.ssh.term.scp.SCPCommandFactory;
028    import org.crsh.term.TermLifeCycle;
029    import org.crsh.term.spi.TermIOHandler;
030    import org.crsh.vfs.Resource;
031    import org.slf4j.Logger;
032    import org.slf4j.LoggerFactory;
033    
034    public class SSHLifeCycle extends TermLifeCycle {
035    
036      /** . */
037      public static final Session.AttributeKey<String> USERNAME = new Session.AttributeKey<java.lang.String>();
038    
039      /** . */
040      public static final Session.AttributeKey<String> PASSWORD = new Session.AttributeKey<java.lang.String>();
041    
042      /** . */
043      private final Logger log = LoggerFactory.getLogger(SSHLifeCycle.class);
044    
045      /** . */
046      private SshServer server;
047    
048      /** . */
049      private int port;
050    
051      /** . */
052      private Resource key;
053    
054      /** . */
055      private String authentication;
056    
057      public SSHLifeCycle(PluginContext context) {
058        super(context);
059      }
060    
061      public int getPort() {
062        return port;
063      }
064    
065      public void setPort(int port) {
066        this.port = port;
067      }
068    
069      public Resource getKey() {
070        return key;
071      }
072    
073      public void setKey(Resource key) {
074        this.key = key;
075      }
076    
077      public String getAuthentication() {
078        return authentication;
079      }
080    
081      public void setAuthentication(String authentication) {
082        this.authentication = authentication;
083      }
084    
085      @Override
086      protected void doInit() {
087        try {
088    
089          //
090          TermIOHandler handler = getHandler();
091    
092          //
093          SshServer server = SshServer.setUpDefaultServer();
094          server.setPort(port);
095          server.setShellFactory(new CRaSHCommandFactory(handler));
096          server.setCommandFactory(new SCPCommandFactory(getContext()));
097          server.setKeyPairProvider(new URLKeyPairProvider(key));
098    
099          // We never authenticate by default
100          AuthenticationPlugin plugin = new AuthenticationPlugin() {
101            public String getName() {
102              return "null";
103            }
104            public boolean authenticate(String username, String password) throws Exception {
105              return false;
106            }
107          };
108    
109          // Lookup for an authentication plugin
110          if (authentication != null) {
111            for (AuthenticationPlugin authenticationPlugin : getContext().getPlugins(AuthenticationPlugin.class)) {
112              if (authentication.equals(authenticationPlugin.getName())) {
113                plugin = authenticationPlugin;
114                break;
115              }
116            }
117          }
118    
119          //
120          final AuthenticationPlugin authPlugin = plugin;
121    
122          //
123          server.setPasswordAuthenticator(new PasswordAuthenticator() {
124            public boolean authenticate(String _username, String _password, ServerSession session) {
125              boolean auth;
126              try {
127                log.debug("Using authentication plugin " + authPlugin + " to authenticate user " + _username);
128                auth = authPlugin.authenticate(_username, _password);
129              } catch (Exception e) {
130                log.error("Exception authenticating user " + _username + " in authentication plugin: " + authPlugin, e);
131                return false;
132              }
133    
134              // We store username and password in session for later reuse
135              session.setAttribute(USERNAME, _username);
136              session.setAttribute(PASSWORD, _password);
137    
138              //
139              return auth;
140            }
141          });
142    
143          //
144          log.info("About to start CRaSSHD");
145          server.start();
146          log.info("CRaSSHD started on port " + port);
147    
148          //
149          this.server = server;
150        }
151        catch (Throwable e) {
152          log.error("Could not start CRaSSHD", e);
153        }
154      }
155    
156      @Override
157      protected void doDestroy() {
158        if (server != null) {
159          try {
160            server.stop();
161          }
162          catch (InterruptedException e) {
163            log.debug("Got an interruption when stopping server", e);
164          }
165        }
166      }
167    }