Back to product page

LoginPassword method


Called when user wants to authenticate to the server using password or keyboard-interactive mechanism.

Type

None

Syntax

  • Basic
object.LoginPassword Owner, User, Login, Password, Action
The LoginPassword(object,Owner,User,Login,Password,Action) syntax has these parts:
objectAn expression evaluating to an object of type IwodSSHDNotify.
OwnerA wodSSHDcom object. Instance of wodSSHServer that called this notification method.
UserA SSHUser object. Reference to user that is trying to connect.
LoginA String value. Holds login info entered by the user.
PasswordA String value. Holds password info entered by the user.
ActionA SSHActions enumeration, as described in settings. as described in settings. Return variable you should set to Allow or Deny, depending if you will allow or deny access fo

Remarks

The settings for Action are:

Constant Value Description
Deny0 Deny execution of the action.
Allow 1 Allow to execute action.


This method is called only if you implemented IwodSSHNotify interface in your application, and wodSSHD.Notification property has received reference to instance of your implementation.

LoginPassword notification method is called when the client connects and tries to authenticate with the server. Since wodSSHD does not have or keep any kind of database about users, you should test login and password arguments to determine if you will allow client to connect or not. Typically, you will check this information against some database or file, and set Action variable to Allow - if access is allowed, or Deny - if access is NOT allowed.

By default, Action variable is set to Deny. Although this is bad idea for testing purposes where you want to make the server 'in 1 minute' and allow anyone to connect (usually you, of course), if it would be set to Allow it would be potential problem in case this notification method is not received by your software. It is possible, under certain circumstances, when you show modal dialog in your software and your application is unable to receive notifications. If something like this happens, clients that try to connect in that time will be rejected.

Login and Password variables are read-only, but they actually are a copy of User.Login and User.Password properties. You might want to change their values to something else, since they are not needed for the protocol anymore (you already made decision if you will allow client to connect through Action variable), and will be held until client disconnects. However, if you decided to set UseNTAuthentication to True, then wodSSHD will read contents of those properties to create user environment for the shell (or some executed program) so that program is run with privilege of your choice.

For example, you might want to allow all users to login, and when they login you will give them 'Guest' privileges. In that case, in this notification method you will set User.Login and User.Password properties to login/password combination for guest user on your computer. Later, when shell is to be started, wodSSHD will use this information to create security context for guest user, thus no harm could be done to your computer.

NOTE for telnet users: immediately upon client connects to the server, this notification method will be called with empty Login and Password arguments. If you want to let use login without providing this information (warning: security leak!), just set Action = Allow. If you don't want to allow access at this point, wodSSHServer will internally generate and send login and password prompt where user will enter this information, and this notification method will be called again with that information.

If you set BannerText property, it will be send to the client before Login and Password prompt.

Platforms

Windows