Overview  Package   Class  Use  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.maverick.sshd
Interface AccessManager

All Known Implementing Classes:
AccessManagerAdapter
public interface AccessManager

Use this interface to control access to SSH services. To configure a security manager add an instance of this interface to the ConfigurationContext.

Author:
Lee David Painter

Method Summary
 boolean canConnect(java.net.SocketAddress remoteClient)
          Can the remote ip address connect to this server.
 boolean canConnect(java.lang.String username)
          Perform an access permissions check to determine whether the user can connect to this server.
 boolean canExecuteCommand(byte[] sessionid, java.lang.String username, java.lang.String cmd)
          Perform an access permissions check to determine whether the user can execute the specified command
 boolean canForward(byte[] sessionid, java.lang.String username, ForwardingChannel channel, boolean isLocal)
          Perform an access permissions check to determine whether the user can open a forwarding channel to/on the specified host:port combination
 boolean canListen(byte[] sessionid, java.lang.String username, java.lang.String bindAddress, int bindPort)
          Perform an access permission check to determine whether the user can open up a listening port on the server to forward remote connections to the remote client.
 boolean canOpenChannel(byte[] sessionid, java.lang.String username, Channel channel)
          Can the user open a channel.
 boolean canStartShell(byte[] sessionid, java.lang.String username)
          Perform an access permissions check to determine whether the user can start a shell.
 boolean canStartSubsystem(byte[] sessionid, java.lang.String username, java.lang.String subsystem)
          Perform an access permissions check to determine whether the user can start the specified subsystem
 java.lang.String[] getRequiredAuthentications(byte[] sessionid, java.lang.String username)
          Called by the AuthenticationProtocol to retrieve a list of required authentications for each user.
 

Method Detail

canConnect

public boolean canConnect(java.lang.String username)
Perform an access permissions check to determine whether the user can connect to this server.

Parameters:
username -
Returns:
boolean

canConnect

public boolean canConnect(java.net.SocketAddress remoteClient)
Can the remote ip address connect to this server.

Parameters:
remoteClient - SocketAddress
Returns:
boolean

canOpenChannel

public boolean canOpenChannel(byte[] sessionid,
                              java.lang.String username,
                              Channel channel)
Can the user open a channel. The channel is not open when this method is called and it has not been allocated a channel id. Use the channel instance to verify the type of channel and add event listeners if you wish.

Parameters:
sessionid - byte[]
username - String
channel - Channel
Returns:
boolean

canStartShell

public boolean canStartShell(byte[] sessionid,
                             java.lang.String username)
Perform an access permissions check to determine whether the user can start a shell.

Parameters:
sessionid -
username -
Returns:
boolean

canExecuteCommand

public boolean canExecuteCommand(byte[] sessionid,
                                 java.lang.String username,
                                 java.lang.String cmd)
Perform an access permissions check to determine whether the user can execute the specified command

Parameters:
sessionid -
username -
cmd -
Returns:
boolean

canStartSubsystem

public boolean canStartSubsystem(byte[] sessionid,
                                 java.lang.String username,
                                 java.lang.String subsystem)
Perform an access permissions check to determine whether the user can start the specified subsystem

Parameters:
sessionid -
username -
subsystem -
Returns:
boolean

canForward

public boolean canForward(byte[] sessionid,
                          java.lang.String username,
                          ForwardingChannel channel,
                          boolean isLocal)
Perform an access permissions check to determine whether the user can open a forwarding channel to/on the specified host:port combination

Parameters:
sessionid - the id of the users session
username - the connected user
channel - the channel instance being opened. You can get information such as address/host from this.
isLocal - true if the forwarding is local, otherwise false for remote forwarding.
Returns:
boolean

canListen

public boolean canListen(byte[] sessionid,
                         java.lang.String username,
                         java.lang.String bindAddress,
                         int bindPort)
Perform an access permission check to determine whether the user can open up a listening port on the server to forward remote connections to the remote client.

Parameters:
sessionid -
username -
bindAddress -
bindPort -
Returns:
boolean

getRequiredAuthentications

public java.lang.String[] getRequiredAuthentications(byte[] sessionid,
                                                     java.lang.String username)
Called by the AuthenticationProtocol to retrieve a list of required authentications for each user. If you do not want to override the settings in the ConfigurationContext then return null, otherwise return a list of the user's required authentications.

Parameters:
sessionid - byte[]
username - String
Returns:
String[]
Overview  Package   Class  Use  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2003-2008 SSHTools LTD. All Rights Reserved.