File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Other JSE/JEE APIs and the fly likes JSch issue : com.jcraft.jsch.JSchException: Auth fail Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Other JSE/JEE APIs
Bookmark "JSch issue : com.jcraft.jsch.JSchException: Auth fail" Watch "JSch issue : com.jcraft.jsch.JSchException: Auth fail" New topic

JSch issue : com.jcraft.jsch.JSchException: Auth fail

Lalit Pawar

Joined: Jul 08, 2013
Posts: 2

We are using JSch apis for SFTP access.
In our current project we want to differentiate between normal login failure due to invalid credentials and login failure due to account has been locked.
Can someone suggest how to do ? Below is our code snippet

public Session getSFTPSession(String userID, String password, int port,
String hostIP) throws IBPPException {"In getFtpSession");
JSch jsch = new JSch();
Session sftpSession = null;

try {
sftpSession = jsch.getSession(userID, hostIP, port);"sftpSession" + sftpSession);
Properties config = new Properties();
config.put("StrictHostKeyChecking", "no");
sftpSession.setTimeout(10 * 60 * 1000);
sftpSession.connect();"SFT connection open");

} catch (JSchException jsche) {"Error creating SFTP session. Exception is "
+ jsche.getMessage());

throw new BusinessException(ExceptionConstants.INVALID_LOGON,
CLASS_NAME, "getSFTPSession");
return sftpSession;

K. Tsang

Joined: Sep 13, 2007
Posts: 3130

Welcome to the Ranch

Well when you try to connect with a locked user id, will the JSchException message different from a wrong password login? If so catch that message and throw your specific exception.

Or a better approach, do the user authentication with a separate POJO against the database or something.

K. Tsang JavaRanch SCJP5 SCJD OCPJP7 OCPWCD5 OCPBCD5 OCPWSD5 OCMJEA5 part 1 part 2/3
Lalit Pawar

Joined: Jul 08, 2013
Posts: 2
We are getting same message i.e. com.jcraft.jsch.JSchException: Auth fail

So we are not sure how to differentiate that message. We are using version jsch-0.1.42.jar
Richard Tookey

Joined: Aug 27, 2012
Posts: 1166

Lalit Pawar wrote:
So we are not sure how to differentiate that message.

It's over a year since I last looked at this but I don't think you can with any SSH client! Authentication is governed by and a failure to authenticate produces a return of SSH_MSG_USERAUTH_FAILURE regardless of the failure mode. I don't remember there being any field in the failure message to detail the reason.

In any authentication system it is advisable not to give a reason for a failure to authenticate since it could provide information to an attacker.

P.S. I'm not keen on your use of " config.put("StrictHostKeyChecking", "no")" since it weakens the mutual authentication.
I agree. Here's the link:
subject: JSch issue : com.jcraft.jsch.JSchException: Auth fail
It's not a secret anymore!