001 /*
002 * Copyright (C) 2012 eXo Platform SAS.
003 *
004 * This is free software; you can redistribute it and/or modify it
005 * under the terms of the GNU Lesser General Public License as
006 * published by the Free Software Foundation; either version 2.1 of
007 * the License, or (at your option) any later version.
008 *
009 * This software is distributed in the hope that it will be useful,
010 * but WITHOUT ANY WARRANTY; without even the implied warranty of
011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
012 * Lesser General Public License for more details.
013 *
014 * You should have received a copy of the GNU Lesser General Public
015 * License along with this software; if not, write to the Free
016 * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
017 * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
018 */
019 package org.crsh.ssh.term;
020
021 import org.apache.sshd.SshServer;
022 import org.apache.sshd.common.Session;
023 import org.apache.sshd.server.PasswordAuthenticator;
024 import org.apache.sshd.server.session.ServerSession;
025 import org.crsh.plugin.PluginContext;
026 import org.crsh.auth.AuthenticationPlugin;
027 import org.crsh.ssh.term.scp.SCPCommandFactory;
028 import org.crsh.term.TermLifeCycle;
029 import org.crsh.term.spi.TermIOHandler;
030 import org.crsh.vfs.Resource;
031 import org.slf4j.Logger;
032 import org.slf4j.LoggerFactory;
033
034 public class SSHLifeCycle extends TermLifeCycle {
035
036 /** . */
037 public static final Session.AttributeKey<String> USERNAME = new Session.AttributeKey<java.lang.String>();
038
039 /** . */
040 public static final Session.AttributeKey<String> PASSWORD = new Session.AttributeKey<java.lang.String>();
041
042 /** . */
043 private final Logger log = LoggerFactory.getLogger(SSHLifeCycle.class);
044
045 /** . */
046 private SshServer server;
047
048 /** . */
049 private int port;
050
051 /** . */
052 private Resource key;
053
054 /** . */
055 private String authentication;
056
057 public SSHLifeCycle(PluginContext context) {
058 super(context);
059 }
060
061 public int getPort() {
062 return port;
063 }
064
065 public void setPort(int port) {
066 this.port = port;
067 }
068
069 public Resource getKey() {
070 return key;
071 }
072
073 public void setKey(Resource key) {
074 this.key = key;
075 }
076
077 public String getAuthentication() {
078 return authentication;
079 }
080
081 public void setAuthentication(String authentication) {
082 this.authentication = authentication;
083 }
084
085 @Override
086 protected void doInit() {
087 try {
088
089 //
090 TermIOHandler handler = getHandler();
091
092 //
093 SshServer server = SshServer.setUpDefaultServer();
094 server.setPort(port);
095 server.setShellFactory(new CRaSHCommandFactory(handler));
096 server.setCommandFactory(new SCPCommandFactory(getContext()));
097 server.setKeyPairProvider(new URLKeyPairProvider(key));
098
099 // We never authenticate by default
100 AuthenticationPlugin plugin = new AuthenticationPlugin() {
101 public String getName() {
102 return "null";
103 }
104 public boolean authenticate(String username, String password) throws Exception {
105 return false;
106 }
107 };
108
109 // Lookup for an authentication plugin
110 if (authentication != null) {
111 for (AuthenticationPlugin authenticationPlugin : getContext().getPlugins(AuthenticationPlugin.class)) {
112 if (authentication.equals(authenticationPlugin.getName())) {
113 plugin = authenticationPlugin;
114 break;
115 }
116 }
117 }
118
119 //
120 final AuthenticationPlugin authPlugin = plugin;
121
122 //
123 server.setPasswordAuthenticator(new PasswordAuthenticator() {
124 public boolean authenticate(String _username, String _password, ServerSession session) {
125 boolean auth;
126 if (authPlugin != null)
127 {
128 try {
129 log.debug("Using authentication plugin " + authPlugin + " to authenticate user " + _username);
130 auth = authPlugin.authenticate(_username, _password);
131 } catch (Exception e) {
132 log.error("Exception authenticating user " + _username + " in authentication plugin: " + authPlugin, e);
133 return false;
134 }
135 }
136 else
137 {
138 // Say ok as this will be used later for performing an other kind of authentication
139 auth = true;
140 }
141
142 // We store username and password in session for later reuse
143 session.setAttribute(USERNAME, _username);
144 session.setAttribute(PASSWORD, _password);
145
146 //
147 return auth;
148 }
149 });
150
151 //
152 log.info("About to start CRaSSHD");
153 server.start();
154 log.info("CRaSSHD started on port " + port);
155
156 //
157 this.server = server;
158 }
159 catch (Throwable e) {
160 log.error("Could not start CRaSSHD", e);
161 }
162 }
163
164 @Override
165 protected void doDestroy() {
166 if (server != null) {
167 try {
168 server.stop();
169 }
170 catch (InterruptedException e) {
171 log.debug("Got an interruption when stopping server", e);
172 }
173 }
174 }
175 }