mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Guillaume Nodet <gno...@apache.org>
Subject Re: Java SSHClient Authentication with GSS
Date Tue, 22 Apr 2014 21:44:19 GMT
Try something like:
  ((AbstractSession) session).getIoSession().getId()


2014-04-22 22:10 GMT+02:00 Josh Clum <joshclum@gmail.com>:

> I'm writing a userauthgss for sshd. Is there any way to get the session id
> from the client session? I see that the serversession class has sessionid
> field but not the clientsession. Anybody know where I could get that?
>
>
> On Thu, Apr 17, 2014 at 12:34 PM, Guillaume Nodet <gnodet@apache.org>
> wrote:
>
> > To be honest, the GSS support has been contributed a long time ago and
> has
> > no unit / integration test.
> > In addition, I have no clue how to set up such a test, so GSS support may
> > be slightly broken.
> >
> > You're a bit on your own, unless you can set up a small test that I could
> > use to debug (with instructions how to set up the needed environment).
> >
> >
> > 2014-04-17 17:40 GMT+02:00 Josh Clum <joshclum@gmail.com>:
> >
> > > Maybe I will :) but for now I giving JSch a try.I'm setting up a test
> > with
> > > the jsch client and an apache mina server to use gss authentication. It
> > > looks like there is some protocol confusion with the messages being
> sent.
> > > Are the versioning problems(kerberos, gssapi) that I might incur when
> > > trying to use the jsch client to connect via userauthgss?
> > >
> > > On the client side I'm getting:
> > >
> > > java.net.SocketTimeoutException: Read timed out
> > >
> > > On the server side this is my session start to finish:
> > >
> > > 11:08:08,876 DEBUG [KerberosProtocolHandler]
> > > (KerberosProtocolHandler.java:91) /10.128.88.132:55448 CREATED:
>  socket
> > > 11:08:08,877 DEBUG [KERBEROS_LOG] (KerberosProtocolHandler.java:96) /
> > > 10.128.88.132:55448 CREATED:  socket
> > > 11:08:08,877 DEBUG [KerberosProtocolHandler]
> > > (KerberosProtocolHandler.java:108) /10.128.88.132:55448 OPENED
> > > 11:08:08,877 DEBUG [KERBEROS_LOG] (KerberosProtocolHandler.java:113) /
> > > 10.128.88.132:55448 OPENED
> > > 11:08:08,877 DEBUG [ProtocolCodecFilter] (ProtocolCodecFilter.java:211)
> > > Processing a MESSAGE_RECEIVED for session 6
> > > 11:08:54,898 DEBUG [Asn1Decoder] (Asn1Decoder.java:671)
> > > >>>==========================================
> > > 11:08:54,899 DEBUG [Asn1Decoder] (Asn1Decoder.java:672) --> Decoding a
> > PDU
> > > 11:08:54,899 DEBUG [Asn1Decoder] (Asn1Decoder.java:673)
> > > >>>------------------------------------------
> > > 11:08:54,900 DEBUG [Asn1Decoder] (Asn1Decoder.java:680) --- State =
> > > TAG_STATE_START ---
> > > 11:08:54,901 DEBUG [Asn1Decoder] (Asn1Decoder.java:686)   current byte
> :
> > > 0x32
> > > 11:08:54,901 DEBUG [Asn1Decoder] (Asn1Decoder.java:108) Tag 0x32 has
> been
> > > decoded
> > > 11:08:54,901 DEBUG [Asn1Decoder] (Asn1Decoder.java:680) --- State =
> > > LENGTH_STATE_START ---
> > > 11:08:54,902 DEBUG [Asn1Decoder] (Asn1Decoder.java:686)   current byte
> :
> > > 0x2E
> > > 11:08:54,902 DEBUG [Asn1Decoder] (Asn1Decoder.java:680) --- State =
> > > LENGTH_STATE_END ---
> > > 11:08:54,902 DEBUG [Asn1Decoder] (Asn1Decoder.java:686)   current byte
> :
> > > 0x30
> > > 11:08:54,903 DEBUG [Asn1Decoder] (Asn1Decoder.java:360) Parent length :
> > TLV
> > > expected length stack :  - null
> > > 11:08:54,903 DEBUG [Asn1Decoder] (Asn1Decoder.java:372) Root TLV[46]
> > > 11:08:54,903 DEBUG [Asn1Decoder] (Asn1Decoder.java:480) Length 46 has
> > been
> > > decoded
> > > 11:08:54,903 DEBUG [Asn1Decoder] (Asn1Decoder.java:680) --- State =
> > > VALUE_STATE_START ---
> > > 11:08:54,904 DEBUG [Asn1Decoder] (Asn1Decoder.java:686)   current byte
> :
> > > 0x30
> > > 11:08:54,904 DEBUG [Asn1Decoder] (Asn1Decoder.java:758)
> > > <<<------------------------------------------
> > > 11:08:54,905 DEBUG [Asn1Decoder] (Asn1Decoder.java:775) <-- End
> decoding
> > :
> > > TLV[ 0x32, 46, DATA[0x30 0x2D 0x4A 0x53 0x43 0x48 0x2D 0x30 0x2E 0x31
> > 0x2E
> > > 0x35 0x31 0x0A 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
> > 0x00
> > > 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
> > 0x00
> > > 0x00 0x00 0x00 0x00 0x00 ]]
> > > 11:08:54,905 DEBUG [Asn1Decoder] (Asn1Decoder.java:783)
> > > <<<==========================================
> > > 11:10:23,724 ERROR [KerberosProtocolHandler]
> > > (KerberosProtocolHandler.java:157) /10.128.88.132:55448 EXCEPTION
> > > org.apache.mina.filter.codec.ProtocolDecoderException:
> > > java.lang.IllegalArgumentException: message (Hexdump: 53 53 48 2D 32 2E
> > 30
> > > 2D 4A 53 43 48 2D 30 2E 31 2E 35 31 0A)
> > >   at
> > >
> > >
> >
> org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:242)
> > >   at
> > >
> > >
> >
> org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:417)
> > >   at
> > >
> > >
> >
> org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
> > >   at
> > >
> > >
> >
> org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:765)
> > >   at
> > >
> > >
> >
> org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:109)
> > >   at
> > >
> > >
> >
> org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:417)
> > >   at
> > >
> > >
> >
> org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:410)
> > >   at
> > >
> > >
> >
> org.apache.mina.core.polling.AbstractPollingIoProcessor.read(AbstractPollingIoProcessor.java:710)
> > >   at
> > >
> > >
> >
> org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:664)
> > >   at
> > >
> > >
> >
> org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:653)
> > >   at
> > >
> > >
> >
> org.apache.mina.core.polling.AbstractPollingIoProcessor.access$600(AbstractPollingIoProcessor.java:67)
> > >   at
> > >
> > >
> >
> org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:1124)
> > >   at
> > >
> > >
> >
> org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
> > >   at
> > >
> > >
> >
> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
> > >   at
> > >
> > >
> >
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
> > >   at java.lang.Thread.run(Thread.java:695)
> > > Caused by: java.lang.IllegalArgumentException: message
> > >   at
> > >
> > >
> >
> org.apache.mina.filter.codec.AbstractProtocolDecoderOutput.write(AbstractProtocolDecoderOutput.java:43)
> > >   at
> > >
> > >
> >
> org.apache.directory.server.kerberos.protocol.codec.MinaKerberosDecoder.decode(MinaKerberosDecoder.java:65)
> > >   at
> > >
> > >
> >
> org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:232)
> > >   ... 15 more
> > > 11:10:23,726 ERROR [KERBEROS_LOG] (KerberosProtocolHandler.java:158) /
> > > 10.128.88.132:55448 EXCEPTION
> > > org.apache.mina.filter.codec.ProtocolDecoderException:
> > > java.lang.IllegalArgumentException: message (Hexdump: 53 53 48 2D 32 2E
> > 30
> > > 2D 4A 53 43 48 2D 30 2E 31 2E 35 31 0A)
> > >   at
> > >
> > >
> >
> org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:242)
> > >   at
> > >
> > >
> >
> org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:417)
> > >   at
> > >
> > >
> >
> org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
> > >   at
> > >
> > >
> >
> org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:765)
> > >   at
> > >
> > >
> >
> org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:109)
> > >   at
> > >
> > >
> >
> org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:417)
> > >   at
> > >
> > >
> >
> org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:410)
> > >   at
> > >
> > >
> >
> org.apache.mina.core.polling.AbstractPollingIoProcessor.read(AbstractPollingIoProcessor.java:710)
> > >   at
> > >
> > >
> >
> org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:664)
> > >   at
> > >
> > >
> >
> org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:653)
> > >   at
> > >
> > >
> >
> org.apache.mina.core.polling.AbstractPollingIoProcessor.access$600(AbstractPollingIoProcessor.java:67)
> > >   at
> > >
> > >
> >
> org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:1124)
> > >   at
> > >
> > >
> >
> org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
> > >   at
> > >
> > >
> >
> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
> > >   at
> > >
> > >
> >
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
> > >   at java.lang.Thread.run(Thread.java:695)
> > > Caused by: java.lang.IllegalArgumentException: message
> > >   at
> > >
> > >
> >
> org.apache.mina.filter.codec.AbstractProtocolDecoderOutput.write(AbstractProtocolDecoderOutput.java:43)
> > >   at
> > >
> > >
> >
> org.apache.directory.server.kerberos.protocol.codec.MinaKerberosDecoder.decode(MinaKerberosDecoder.java:65)
> > >   at
> > >
> > >
> >
> org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:232)
> > >   ... 15 more
> > > 11:10:23,727 DEBUG [KerberosProtocolHandler]
> > > (KerberosProtocolHandler.java:125) /10.128.88.132:55448 CLOSED
> > > 11:10:23,727 DEBUG [KERBEROS_LOG] (KerberosProtocolHandler.java:130) /
> > > 10.128.88.132:55448 CLOSED
> > >
> > > Thanks,
> > > Josh
> > >
> > >
> > > On Tue, Apr 15, 2014 at 4:08 PM, Guillaume Nodet <gnodet@apache.org>
> > > wrote:
> > >
> > > > Yes, GSS client side is currently not supported, so you need to write
> > > your
> > > > own org.apache.sshd.client.UserAuth implementation for GSS.
> > > > Contributions are welcomed ;-)
> > > >
> > > >
> > > > 2014-04-15 20:41 GMT+02:00 Josh Clum <joshclum@gmail.com>:
> > > >
> > > > > I have a SSHServer set up with the GSSAuthenticator. I want to
> > > > authenticate
> > > > > a java SSHClient with that server. Is there any way to do that?
> > Looking
> > > > at
> > > > > the api I only see ways to specify a public key, password, or
> > > interactive
> > > > > mode. Do I have to write my own implementation of UserAuth.java or
> > > > > AbstractUserAuth.java?
> > > > >
> > > >
> > >
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message