wodSSHServer ActiveX Control - LoginPassword Event
 LoginPassword Event
    
 

Description

Fires when user wants to authenticate to the server using password or keyboard-interactive mechanism.


Syntax

Private Sub object_LoginPassword(User, Login, Password, Action)



The LoginPassword Event syntax has these parts:

Part Description
object A wodSSHD object.
User A SSHUser object. Reference to object that holds information about the connected user.
Login A String value. Holds login info entered by the user.
Password A String value. Holds password info entered by the user.
Action A SSHActions enumeration, as described in settings. Return variable you should set to Allow or Deny, depending if you will allow or deny access for the user.

Settings

The settings for Action are:

Constant Value Description
 Deny 0 Deny execution of the action.
 Allow 1 Allow to execute action.

Remarks

LoginPassword event is fired when the client connects and tries to authenticate with the server. Since wodSSHD does not have or keep any kind of database about users, you should test login and password arguments to determine if you will allow client to connect or not. Typically, you will check this information against some database or file, and set Action variable to Allow - if access is allowed, or Deny - if access is NOT allowed.

By default, Action variable is set to Deny. Although this is bad idea for testing purposes where you want to make the server 'in 1 minute' and allow anyone to connect (usually you, of course), if it would be set to Allow it would be potential problem in case this event is not received by your software. It is possible, under certain circumstances, when you show modal dialog in your software and your application is unable to receive events. If something like this happens, clients that try to connect in that time will be rejected.

Login and Password variables are read-only, but they actually are a copy of User.Login and User.Password properties. You might want to change their values to something else, since they are not needed for the protocol anymore (you already made decision if you will allow client to connect through Action variable), and will be held until client disconnects. However, if you decided to set UseNTAuthentication to True, then wodSSHD will read contents of those properties to create user environment for the shell (or some executed program) so that program is run with privilege of your choice.

For example, you might want to allow all users to login, and when they login you will give them 'Guest' privileges. In that case, in this event you will set User.Login and User.Password properties to login/password combination for guest user on your computer. Later, when shell is to be started, wodSSHD will use this information to create security context for guest user, thus no harm could be done to your computer.

NOTE for telnet users: immediately upon client connects to the server, this event will be fired with empty Login and Password arguments. If you want to let use login without providing this information (warning: security leak!), just set Action = Allow. If you don't want to allow access at this point, wodSSHServer will internally generate and send login and password prompt where user will enter this information, and this event will be fired again with that information.

If you set BannerText property, it will be send to the client before Login and Password prompt.