]
Dustin Johnson updated JBESB-3474:
----------------------------------
Summary: Support Dual Authentication (username/pass and private key) for SFTP listener
(was: Support Dual Authentication (username/pass and private key) in for SFTP listener)
Support Dual Authentication (username/pass and private key) for SFTP
listener
-----------------------------------------------------------------------------
Key: JBESB-3474
URL:
https://jira.jboss.org/browse/JBESB-3474
Project: JBoss ESB
Issue Type: Feature Request
Security Level: Public(Everyone can see)
Components: Transports
Affects Versions: 4.7
Reporter: Dustin Johnson
When creating an SFTP listener, and specifying both a username/password combination and a
private key, only the username/password credentials are passed to the FTP server. This
can be a problem when an FTP server requires both forms of authentication.
The problem appears to occur in org.jboss.internal.soa.esb.util.SecureFtpImpl.java, in
initialize(bConnect). It performs the following check:
if (m_sPasswd != null) {
final UserInfo ui = new SecureFtpUserInfo(null, m_sPasswd) ;
session.setUserInfo(ui) ;
session.setConfig("PreferredAuthentications",
"password,keyboard-interactive") ;
} else if (m_oCertificate != null) {
// Setup ssh key stuff
session.setConfig("PreferredAuthentications", "publickey") ;
}
The solution may be as simple as removing the else portion, so it always checks for the
certificate to be present and adds the credentials regardless of whether a
username/password was also presented.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: