You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@mina.apache.org by "Thomas Wolf (Jira)" <ji...@apache.org> on 2020/09/13 16:06:00 UTC

[jira] [Commented] (SSHD-1076) Make creation of the AuthFuture in ClientUserAuthService configurable/overrideable

    [ https://issues.apache.org/jira/browse/SSHD-1076?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17195064#comment-17195064 ] 

Thomas Wolf commented on SSHD-1076:
-----------------------------------

Forget it. There's no way to send heartbeats during the authentication; that comes only later. Even if some heartbeats were sent at protocol level, an OpenSSH server wouldn't make them extend the LoginGraceTime – that sets a global limit (by default 120 seconds), and if auth hasn't succeeded by then, the connection is closed no matter what.

So it's not worth trying to handle a user distracted by a phone call or some such. If he didn't enter the password within the default timeout, he'll just get an exception.

Guess my need to have my own AuthFuture has just gone away.

> Make creation of the AuthFuture in ClientUserAuthService configurable/overrideable
> ----------------------------------------------------------------------------------
>
>                 Key: SSHD-1076
>                 URL: https://issues.apache.org/jira/browse/SSHD-1076
>             Project: MINA SSHD
>          Issue Type: New Feature
>    Affects Versions: 2.5.1
>            Reporter: Thomas Wolf
>            Priority: Major
>
> I have a need to have my own {{AuthFuture}} implementation. With the current implementation, the authentication timeout keeps running even while the client is asking the user for input, such as for a passphrase for an encrypted private key. If the user doesn't supply the information quickly enough, the session gets closed behind his back when the timeout expires.
> So I need an {{AuthFuture}} that I can _pause_ while my client program is requesting user input. I do have that actually, but currently I need to subclass {{ClientUserAuthService}} (because {{AbstractClientSession.getUserAuthService()}} has it as return type) _and_ copy all its code because the creation of the {{AuthFuture}} is hard-coded as {{new DefaultAuthFuture(...)}} in {{ClientUserAuthService.auth()}}.
> Factoring this out into a separate method {{protected AuthFuture createAuthFuture(String serviceName, Object lock)}} would be one way (then I could override without having to copy all the code), but maybe there is a better way, such as a separately configurable AuthFutureFactory.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@mina.apache.org
For additional commands, e-mail: dev-help@mina.apache.org