aspose file tools*
The moose likes Other JSE/JEE APIs and the fly likes JSch issue : com.jcraft.jsch.JSchException: Auth fail Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Java » Other JSE/JEE APIs
Bookmark "JSch issue : com.jcraft.jsch.JSchException: Auth fail" Watch "JSch issue : com.jcraft.jsch.JSchException: Auth fail" New topic
Author

JSch issue : com.jcraft.jsch.JSchException: Auth fail

Lalit Pawar
Greenhorn

Joined: Jul 08, 2013
Posts: 2
Hi

We are using JSch apis for SFTP access.
In our current project we want to differentiate between normal login failure due to invalid credentials and login failure due to account has been locked.
Can someone suggest how to do ? Below is our code snippet

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
public Session getSFTPSession(String userID, String password, int port,
String hostIP) throws IBPPException {
LOGGER.info("In getFtpSession");
JSch jsch = new JSch();
Session sftpSession = null;

try {
sftpSession = jsch.getSession(userID, hostIP, port);
LOGGER.info("sftpSession" + sftpSession);
sftpSession.setPassword(password);
Properties config = new Properties();
config.put("StrictHostKeyChecking", "no");
sftpSession.setConfig(config);
sftpSession.setTimeout(10 * 60 * 1000);
sftpSession.connect();
LOGGER.info("SFT connection open");

} catch (JSchException jsche) {

LOGGER.info("Error creating SFTP session. Exception is "
+ jsche.getMessage());

throw new BusinessException(ExceptionConstants.INVALID_LOGON,
CLASS_NAME, "getSFTPSession");
}
return sftpSession;
}
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

K. Tsang
Bartender

Joined: Sep 13, 2007
Posts: 1960
    
    7

Welcome to the Ranch

Well when you try to connect with a locked user id, will the JSchException message different from a wrong password login? If so catch that message and throw your specific exception.

Or a better approach, do the user authentication with a separate POJO against the database or something.


K. Tsang JavaRanch SCJP5 SCJD/OCM-JD OCPJP7
Lalit Pawar
Greenhorn

Joined: Jul 08, 2013
Posts: 2
We are getting same message i.e. com.jcraft.jsch.JSchException: Auth fail

So we are not sure how to differentiate that message. We are using version jsch-0.1.42.jar
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 960
    
  10

Lalit Pawar wrote:
So we are not sure how to differentiate that message.


It's over a year since I last looked at this but I don't think you can with any SSH client! Authentication is governed by http://www.ietf.org/rfc/rfc4252.txt and a failure to authenticate produces a return of SSH_MSG_USERAUTH_FAILURE regardless of the failure mode. I don't remember there being any field in the failure message to detail the reason.

In any authentication system it is advisable not to give a reason for a failure to authenticate since it could provide information to an attacker.

P.S. I'm not keen on your use of " config.put("StrictHostKeyChecking", "no")" since it weakens the mutual authentication.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: JSch issue : com.jcraft.jsch.JSchException: Auth fail
 
Similar Threads
Running expect4j in an SSH environment
FTP issue (using Jcrafts com.jcraft.jsch) login error :1,com.jcraft.jsch.JSchException:
jsch, trying to open tunnel and connect sftp
sftp communication with private/public key authentication
problem while creating multiple directories using mkdir of Jsch