Authenticating Users with Passwords

With the Maverick Synergy SSH server API, we can configure the server to accept users via password authentication by adding an Authenticator instance to the server that extends PasswordAuthenticationProvider.

In our first example, we saw this with the built-in utility class InMemoryPasswordAuthenticator, where we simply pass an instance to the server and configure it with usernames and passwords allowed to connect.

server.addAuthenticator(new InMemoryPasswordAuthenticator() 
        .addUser("admin", "admin".toCharArray()));

We can, of course, extend the use of this by adding more users:

server.addAuthenticator(new InMemoryPasswordAuthenticator() 
      .addUser("admin", "admin".toCharArray()) 
      .addUser("bob", "zzzzzz".toCharArray())
      .addUser("alice", "yyyyyy".toCharArray())
      .addUser("lee", "xxxxxx".toCharArray()));

This, however, may not be ideal for you, and you may want to support password authentication from external sources. In this case, you will need to implement your own PasswordAuthenticatorProvider.

To do this, extend PasswordAuthenticationProvider and implement the verifyPassword method. You do not have to implement changePassword; this is optional. If you want to support password change, then you simply throw PasswordChangeException from verifyPassword and implement the changePassword method too.

public class MyPasswordAuthenticator extends PasswordAuthenticationProvider {
   @Override 
   public boolean verifyPassword(SshConnection con, String username, String password) 
               throws PasswordChangeException, IOException {
                      return false; 
   }

   @Override 
   public boolean changePassword(SshConnection con, String username, String oldpassword, String newpassword) 
               throws PasswordChangeException, IOException { 
                      return false; 
   }
}

Then configure your server with your implementation:

server.addAuthenticator(new MyPasswordAuthenticator());