File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Other JSE/JEE APIs and the fly likes JSch issue : com.jcraft.jsch.JSchException: Auth fail Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Java » Other JSE/JEE APIs
Bookmark "JSch issue : com.jcraft.jsch.JSchException: Auth fail" Watch "JSch issue : com.jcraft.jsch.JSchException: Auth fail" New topic
Author

JSch issue : com.jcraft.jsch.JSchException: Auth fail

Lalit Pawar
Greenhorn

Joined: Jul 08, 2013
Posts: 2
Hi

We are using JSch apis for SFTP access.
In our current project we want to differentiate between normal login failure due to invalid credentials and login failure due to account has been locked.
Can someone suggest how to do ? Below is our code snippet

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
public Session getSFTPSession(String userID, String password, int port,
String hostIP) throws IBPPException {
LOGGER.info("In getFtpSession");
JSch jsch = new JSch();
Session sftpSession = null;

try {
sftpSession = jsch.getSession(userID, hostIP, port);
LOGGER.info("sftpSession" + sftpSession);
sftpSession.setPassword(password);
Properties config = new Properties();
config.put("StrictHostKeyChecking", "no");
sftpSession.setConfig(config);
sftpSession.setTimeout(10 * 60 * 1000);
sftpSession.connect();
LOGGER.info("SFT connection open");

} catch (JSchException jsche) {

LOGGER.info("Error creating SFTP session. Exception is "
+ jsche.getMessage());

throw new BusinessException(ExceptionConstants.INVALID_LOGON,
CLASS_NAME, "getSFTPSession");
}
return sftpSession;
}
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

K. Tsang
Bartender

Joined: Sep 13, 2007
Posts: 2505
    
    8

Welcome to the Ranch

Well when you try to connect with a locked user id, will the JSchException message different from a wrong password login? If so catch that message and throw your specific exception.

Or a better approach, do the user authentication with a separate POJO against the database or something.


K. Tsang JavaRanch SCJP5 SCJD/OCM-JD OCPJP7 OCPWCD5 OCPBCD5
Lalit Pawar
Greenhorn

Joined: Jul 08, 2013
Posts: 2
We are getting same message i.e. com.jcraft.jsch.JSchException: Auth fail

So we are not sure how to differentiate that message. We are using version jsch-0.1.42.jar
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1067
    
  10

Lalit Pawar wrote:
So we are not sure how to differentiate that message.


It's over a year since I last looked at this but I don't think you can with any SSH client! Authentication is governed by http://www.ietf.org/rfc/rfc4252.txt and a failure to authenticate produces a return of SSH_MSG_USERAUTH_FAILURE regardless of the failure mode. I don't remember there being any field in the failure message to detail the reason.

In any authentication system it is advisable not to give a reason for a failure to authenticate since it could provide information to an attacker.

P.S. I'm not keen on your use of " config.put("StrictHostKeyChecking", "no")" since it weakens the mutual authentication.
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: JSch issue : com.jcraft.jsch.JSchException: Auth fail