import org.opendaylight.controller.netconf.nettyutil.handler.ssh.authentication.AuthenticationHandler;
import org.opendaylight.controller.netconf.ssh.NetconfSSHServer;
import org.opendaylight.controller.netconf.ssh.authentication.AuthProvider;
+import org.opendaylight.controller.netconf.ssh.authentication.AuthProviderImpl;
import org.opendaylight.controller.netconf.ssh.authentication.PEMGenerator;
import org.opendaylight.controller.netconf.util.messages.NetconfMessageUtil;
import org.opendaylight.controller.netconf.util.osgi.NetconfConfigUtil;
}
public AuthProvider getAuthProvider() throws Exception {
- AuthProvider mock = mock(AuthProvider.class);
+ AuthProvider mock = mock(AuthProviderImpl.class);
doReturn(true).when(mock).authenticated(anyString(), anyString());
doReturn(PEMGenerator.generate().toCharArray()).when(mock).getPEMAsCharArray();
return mock;
/*
- * Copyright (c) 2013 Cisco Systems, Inc. and others. All rights reserved.
+ * Copyright (c) 2014 Cisco Systems, Inc. and others. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v1.0 which accompanies this distribution,
* and is available at http://www.eclipse.org/legal/epl-v10.html
*/
-package org.opendaylight.controller.netconf.ssh.authentication;
-
-import static com.google.common.base.Preconditions.checkNotNull;
-
-import com.google.common.annotations.VisibleForTesting;
-import org.opendaylight.controller.sal.authorization.AuthResultEnum;
-import org.opendaylight.controller.usermanager.IUserManager;
-import org.osgi.framework.BundleContext;
-import org.osgi.framework.ServiceReference;
-import org.osgi.util.tracker.ServiceTracker;
-import org.osgi.util.tracker.ServiceTrackerCustomizer;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class AuthProvider {
- private static final Logger logger = LoggerFactory.getLogger(AuthProvider.class);
-
- private final String pem;
- private IUserManager nullableUserManager;
- public AuthProvider(String pemCertificate, final BundleContext bundleContext) {
- checkNotNull(pemCertificate, "Parameter 'pemCertificate' is null");
- pem = pemCertificate;
-
- ServiceTrackerCustomizer<IUserManager, IUserManager> customizer = new ServiceTrackerCustomizer<IUserManager, IUserManager>() {
- @Override
- public IUserManager addingService(final ServiceReference<IUserManager> reference) {
- logger.trace("Service {} added", reference);
- nullableUserManager = bundleContext.getService(reference);
- return nullableUserManager;
- }
-
- @Override
- public void modifiedService(final ServiceReference<IUserManager> reference, final IUserManager service) {
- logger.trace("Replacing modified service {} in netconf SSH.", reference);
- nullableUserManager = service;
- }
-
- @Override
- public void removedService(final ServiceReference<IUserManager> reference, final IUserManager service) {
- logger.trace("Removing service {} from netconf SSH. " +
- "SSH won't authenticate users until IUserManager service will be started.", reference);
- synchronized (AuthProvider.this) {
- nullableUserManager = null;
- }
- }
- };
- ServiceTracker<IUserManager, IUserManager> listenerTracker = new ServiceTracker<>(bundleContext, IUserManager.class, customizer);
- listenerTracker.open();
- }
+package org.opendaylight.controller.netconf.ssh.authentication;
- /**
- * Authenticate user. This implementation tracks IUserManager and delegates the decision to it. If the service is not
- * available, IllegalStateException is thrown.
- */
- public synchronized boolean authenticated(String username, String password) {
- if (nullableUserManager == null) {
- logger.warn("Cannot authenticate user '{}', user manager service is missing", username);
- throw new IllegalStateException("User manager service is not available");
- }
- AuthResultEnum authResult = nullableUserManager.authenticate(username, password);
- logger.debug("Authentication result for user '{}' : {}", username, authResult);
- return authResult.equals(AuthResultEnum.AUTH_ACCEPT) || authResult.equals(AuthResultEnum.AUTH_ACCEPT_LOC);
- }
+public interface AuthProvider {
- public char[] getPEMAsCharArray() {
- return pem.toCharArray();
- }
+ boolean authenticated(String username, String password);
- @VisibleForTesting
- void setNullableUserManager(IUserManager nullableUserManager) {
- this.nullableUserManager = nullableUserManager;
- }
+ char[] getPEMAsCharArray();
}
--- /dev/null
+/*
+ * Copyright (c) 2013 Cisco Systems, Inc. and others. All rights reserved.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Eclipse Public License v1.0 which accompanies this distribution,
+ * and is available at http://www.eclipse.org/legal/epl-v10.html
+ */
+package org.opendaylight.controller.netconf.ssh.authentication;
+
+import static com.google.common.base.Preconditions.checkNotNull;
+
+import com.google.common.annotations.VisibleForTesting;
+import org.opendaylight.controller.sal.authorization.AuthResultEnum;
+import org.opendaylight.controller.usermanager.IUserManager;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.ServiceReference;
+import org.osgi.util.tracker.ServiceTracker;
+import org.osgi.util.tracker.ServiceTrackerCustomizer;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class AuthProviderImpl implements AuthProvider {
+ private static final Logger logger = LoggerFactory.getLogger(AuthProviderImpl.class);
+
+ private final String pem;
+ private IUserManager nullableUserManager;
+
+ public AuthProviderImpl(String pemCertificate, final BundleContext bundleContext) {
+ checkNotNull(pemCertificate, "Parameter 'pemCertificate' is null");
+ pem = pemCertificate;
+
+ ServiceTrackerCustomizer<IUserManager, IUserManager> customizer = new ServiceTrackerCustomizer<IUserManager, IUserManager>() {
+ @Override
+ public IUserManager addingService(final ServiceReference<IUserManager> reference) {
+ logger.trace("Service {} added", reference);
+ nullableUserManager = bundleContext.getService(reference);
+ return nullableUserManager;
+ }
+
+ @Override
+ public void modifiedService(final ServiceReference<IUserManager> reference, final IUserManager service) {
+ logger.trace("Replacing modified service {} in netconf SSH.", reference);
+ nullableUserManager = service;
+ }
+
+ @Override
+ public void removedService(final ServiceReference<IUserManager> reference, final IUserManager service) {
+ logger.trace("Removing service {} from netconf SSH. " +
+ "SSH won't authenticate users until IUserManager service will be started.", reference);
+ synchronized (AuthProviderImpl.this) {
+ nullableUserManager = null;
+ }
+ }
+ };
+ ServiceTracker<IUserManager, IUserManager> listenerTracker = new ServiceTracker<>(bundleContext, IUserManager.class, customizer);
+ listenerTracker.open();
+ }
+
+ /**
+ * Authenticate user. This implementation tracks IUserManager and delegates the decision to it. If the service is not
+ * available, IllegalStateException is thrown.
+ */
+ @Override
+ public synchronized boolean authenticated(String username, String password) {
+ if (nullableUserManager == null) {
+ logger.warn("Cannot authenticate user '{}', user manager service is missing", username);
+ throw new IllegalStateException("User manager service is not available");
+ }
+ AuthResultEnum authResult = nullableUserManager.authenticate(username, password);
+ logger.debug("Authentication result for user '{}' : {}", username, authResult);
+ return authResult.equals(AuthResultEnum.AUTH_ACCEPT) || authResult.equals(AuthResultEnum.AUTH_ACCEPT_LOC);
+ }
+
+ @Override
+ public char[] getPEMAsCharArray() {
+ return pem.toCharArray();
+ }
+
+ @VisibleForTesting
+ void setNullableUserManager(IUserManager nullableUserManager) {
+ this.nullableUserManager = nullableUserManager;
+ }
+}
import org.apache.commons.lang3.StringUtils;
import org.opendaylight.controller.netconf.ssh.NetconfSSHServer;
import org.opendaylight.controller.netconf.ssh.authentication.AuthProvider;
+import org.opendaylight.controller.netconf.ssh.authentication.AuthProviderImpl;
import org.opendaylight.controller.netconf.ssh.authentication.PEMGenerator;
import org.opendaylight.controller.netconf.util.osgi.NetconfConfigUtil;
import org.opendaylight.controller.netconf.util.osgi.NetconfConfigUtil.InfixProp;
checkState(StringUtils.isNotBlank(path), "Path to ssh private key is blank. Reconfigure %s", NetconfConfigUtil.getPrivateKeyKey());
String privateKeyPEMString = PEMGenerator.readOrGeneratePK(new File(path));
- final AuthProvider authProvider = new AuthProvider(privateKeyPEMString, bundleContext);
+ final AuthProvider authProvider = new AuthProviderImpl(privateKeyPEMString, bundleContext);
EventLoopGroup bossGroup = new NioEventLoopGroup();
NetconfSSHServer server = NetconfSSHServer.start(sshSocketAddress.getPort(), localAddress, authProvider, bossGroup);
import org.opendaylight.controller.netconf.nettyutil.handler.ssh.client.SshHandler;
import org.opendaylight.controller.netconf.ssh.NetconfSSHServer;
import org.opendaylight.controller.netconf.ssh.authentication.AuthProvider;
+import org.opendaylight.controller.netconf.ssh.authentication.AuthProviderImpl;
import org.opendaylight.controller.netconf.ssh.authentication.PEMGenerator;
import org.opendaylight.controller.netconf.util.osgi.NetconfConfigUtil;
import org.slf4j.Logger;
@Test
public void test() throws Exception {
new Thread(new EchoServer(), "EchoServer").start();
- AuthProvider authProvider = mock(AuthProvider.class);
+ AuthProvider authProvider = mock(AuthProviderImpl.class);
doReturn(PEMGenerator.generate().toCharArray()).when(authProvider).getPEMAsCharArray();
doReturn(true).when(authProvider).authenticated(anyString(), anyString());
NetconfSSHServer netconfSSHServer = NetconfSSHServer.start(10831, NetconfConfigUtil.getNetconfLocalAddress(),
try (InputStream is = getClass().getResourceAsStream("/RSA.pk")) {
pem = IOUtils.toString(is);
}
- AuthProvider ap = new AuthProvider(pem, mockedContext);
+ AuthProviderImpl ap = new AuthProviderImpl(pem, mockedContext);
ap.setNullableUserManager(um);
EventLoopGroup bossGroup = new NioEventLoopGroup();
NetconfSSHServer server = NetconfSSHServer.start(PORT, NetconfConfigUtil.getNetconfLocalAddress(),