From 92ae83de6b4f5401a1007bbb26e2f01168e9d6cb Mon Sep 17 00:00:00 2001 From: James Moger <james.moger@gitblit.com> Date: Mon, 05 Oct 2015 07:57:12 -0400 Subject: [PATCH] Revert manual specification of ssh user auth factories --- src/main/java/com/gitblit/transport/ssh/SshKrbAuthenticator.java | 26 ++++++++++++++++++++------ 1 files changed, 20 insertions(+), 6 deletions(-) diff --git a/src/main/java/com/gitblit/transport/ssh/SshKrbAuthenticator.java b/src/main/java/com/gitblit/transport/ssh/SshKrbAuthenticator.java index 8170c93..4afc00f 100644 --- a/src/main/java/com/gitblit/transport/ssh/SshKrbAuthenticator.java +++ b/src/main/java/com/gitblit/transport/ssh/SshKrbAuthenticator.java @@ -15,27 +15,41 @@ */ package com.gitblit.transport.ssh; -import com.gitblit.manager.IAuthenticationManager; -import com.gitblit.models.UserModel; import java.util.Locale; + import org.apache.sshd.server.auth.gss.GSSAuthenticator; import org.apache.sshd.server.session.ServerSession; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import com.gitblit.IStoredSettings; +import com.gitblit.Keys; +import com.gitblit.manager.IAuthenticationManager; +import com.gitblit.models.UserModel; + public class SshKrbAuthenticator extends GSSAuthenticator { - + protected final Logger log = LoggerFactory.getLogger(getClass()); protected final IAuthenticationManager authManager; - public SshKrbAuthenticator(IAuthenticationManager authManager) { + public SshKrbAuthenticator(IStoredSettings settings, IAuthenticationManager authManager) { this.authManager = authManager; - log.info("registry {}", authManager); + + String keytabString = settings.getString(Keys.git.sshKrb5Keytab, ""); + if(! keytabString.isEmpty()) { + setKeytabFile(keytabString); + } + + String servicePrincipalName = settings.getString(Keys.git.sshKrb5ServicePrincipalName, ""); + if(! servicePrincipalName.isEmpty()) { + setServicePrincipalName(servicePrincipalName); + } } + @Override public boolean validateIdentity(ServerSession session, String identity) { log.info("identify with kerberos {}", identity); - SshDaemonClient client = (SshDaemonClient)session.getAttribute(SshDaemonClient.KEY); + SshDaemonClient client = session.getAttribute(SshDaemonClient.KEY); if (client.getUser() != null) { log.info("{} has already authenticated!", identity); return true; -- Gitblit v1.9.1