X-Git-Url: https://git.opendaylight.org/gerrit/gitweb?p=controller.git;a=blobdiff_plain;f=opendaylight%2Fnetconf%2Fnetconf-ssh%2Fsrc%2Fmain%2Fjava%2Forg%2Fopendaylight%2Fcontroller%2Fnetconf%2Fssh%2Fauthentication%2FAuthProvider.java;h=5d39dd1eb8adad115e030c0136cbae702d2bde65;hp=a73dfdfd49eca56129a5ba0e98efb13fba001556;hb=8dd063e01eda1ce8f8c3cf0b49af17d6dfff388e;hpb=c541f7868e6e2d654b8080b5426bb12a39bddf11 diff --git a/opendaylight/netconf/netconf-ssh/src/main/java/org/opendaylight/controller/netconf/ssh/authentication/AuthProvider.java b/opendaylight/netconf/netconf-ssh/src/main/java/org/opendaylight/controller/netconf/ssh/authentication/AuthProvider.java index a73dfdfd49..5d39dd1eb8 100644 --- a/opendaylight/netconf/netconf-ssh/src/main/java/org/opendaylight/controller/netconf/ssh/authentication/AuthProvider.java +++ b/opendaylight/netconf/netconf-ssh/src/main/java/org/opendaylight/controller/netconf/ssh/authentication/AuthProvider.java @@ -7,70 +7,75 @@ */ package org.opendaylight.controller.netconf.ssh.authentication; -import ch.ethz.ssh2.signature.RSAPrivateKey; -import java.io.IOException; -import java.io.InputStream; -import java.util.ArrayList; -import java.util.List; -import org.apache.commons.io.IOUtils; +import static com.google.common.base.Preconditions.checkNotNull; + +import com.google.common.annotations.VisibleForTesting; import org.opendaylight.controller.sal.authorization.AuthResultEnum; -import org.opendaylight.controller.sal.authorization.UserLevel; import org.opendaylight.controller.usermanager.IUserManager; -import org.opendaylight.controller.usermanager.UserConfig; - -public class AuthProvider implements AuthProviderInterface { +import org.osgi.framework.BundleContext; +import org.osgi.framework.ServiceReference; +import org.osgi.util.tracker.ServiceTracker; +import org.osgi.util.tracker.ServiceTrackerCustomizer; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; - private static RSAPrivateKey hostkey = null; - private static IUserManager um; - private static final String DEAFULT_USER = "netconf"; - private static final String DEAFULT_PASSWORD = "netconf"; +public class AuthProvider { + private static final Logger logger = LoggerFactory.getLogger(AuthProvider.class); + private final String pem; + private IUserManager nullableUserManager; - public AuthProvider(IUserManager ium) throws Exception { + public AuthProvider(String pemCertificate, final BundleContext bundleContext) { + checkNotNull(pemCertificate, "Parameter 'pemCertificate' is null"); + pem = pemCertificate; - this.um = ium; + ServiceTrackerCustomizer customizer = new ServiceTrackerCustomizer() { + @Override + public IUserManager addingService(final ServiceReference reference) { + logger.trace("Service {} added", reference); + nullableUserManager = bundleContext.getService(reference); + return nullableUserManager; + } - if (this.um == null){ - throw new Exception("No usermanager service available."); - } + @Override + public void modifiedService(final ServiceReference reference, final IUserManager service) { + logger.trace("Replacing modified service {} in netconf SSH.", reference); + nullableUserManager = service; + } - List roles = new ArrayList(1); - roles.add(UserLevel.SYSTEMADMIN.toString()); - this.um.addLocalUser(new UserConfig(DEAFULT_USER, DEAFULT_PASSWORD, roles)); - } - @Override - public boolean authenticated(String username, String password) throws Exception { - if (this.um == null){ - throw new Exception("No usermanager service available."); - } - AuthResultEnum authResult = this.um.authenticate(username,password); - if (authResult.equals(AuthResultEnum.AUTH_ACCEPT) || authResult.equals(AuthResultEnum.AUTH_ACCEPT_LOC)){ - return true; - } - return false; + @Override + public void removedService(final ServiceReference reference, final IUserManager service) { + logger.trace("Removing service {} from netconf SSH. " + + "SSH won't authenticate users until IUserManager service will be started.", reference); + synchronized (AuthProvider.this) { + nullableUserManager = null; + } + } + }; + ServiceTracker listenerTracker = new ServiceTracker<>(bundleContext, IUserManager.class, customizer); + listenerTracker.open(); } - @Override - public char[] getPEMAsCharArray() { - - InputStream is = getClass().getResourceAsStream("/RSA.pk"); - try { - return IOUtils.toCharArray(is); - } catch (IOException e) { - e.printStackTrace(); + /** + * Authenticate user. This implementation tracks IUserManager and delegates the decision to it. If the service is not + * available, IllegalStateException is thrown. + */ + public synchronized boolean authenticated(String username, String password) { + if (nullableUserManager == null) { + logger.warn("Cannot authenticate user '{}', user manager service is missing", username); + throw new IllegalStateException("User manager service is not available"); } - return null; + AuthResultEnum authResult = nullableUserManager.authenticate(username, password); + logger.debug("Authentication result for user '{}' : {}", username, authResult); + return authResult.equals(AuthResultEnum.AUTH_ACCEPT) || authResult.equals(AuthResultEnum.AUTH_ACCEPT_LOC); } - @Override - public void removeUserManagerService() { - this.um = null; + public char[] getPEMAsCharArray() { + return pem.toCharArray(); } - @Override - public void addUserManagerService(IUserManager userManagerService) { - this.um = userManagerService; + @VisibleForTesting + void setNullableUserManager(IUserManager nullableUserManager) { + this.nullableUserManager = nullableUserManager; } - - }