Re: [PR] Add SFTP password authentication tests for Commons VFS2 [commons-vfs]
garydgregory merged PR #754: URL: https://github.com/apache/commons-vfs/pull/754 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
Re: [PR] Add SFTP password authentication tests for Commons VFS2 [commons-vfs]
garydgregory commented on PR #754: URL: https://github.com/apache/commons-vfs/pull/754#issuecomment-4303865017 Hello @VaishKumbhar Thank you for your update. Note the failures on Linux and macOS. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
Re: [PR] Add SFTP password authentication tests for Commons VFS2 [commons-vfs]
garydgregory commented on PR #754: URL: https://github.com/apache/commons-vfs/pull/754#issuecomment-4188835071 Hello @VaishKumbhar Thank you for your PR. Would you be willing to update this PR to the current version of SSHD [3.0.0-M2](https://central.sonatype.com/artifact/org.apache.sshd/sshd/3.0.0-M2) ? This would be also updating `SftpTestServerHelper`. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
Re: [PR] Add SFTP password authentication tests for Commons VFS2 [commons-vfs]
VaishKumbhar commented on PR #754: URL: https://github.com/apache/commons-vfs/pull/754#issuecomment-4168092935 Hi @garydgregory Request change was done -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
Re: [PR] Add SFTP password authentication tests for Commons VFS2 [commons-vfs]
garydgregory commented on code in PR #754:
URL: https://github.com/apache/commons-vfs/pull/754#discussion_r3000871544
##
commons-vfs2/src/test/java/org/apache/commons/vfs2/provider/sftp/SftpPasswordAuthTest.java:
##
@@ -0,0 +1,259 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.commons.vfs2.provider.sftp;
+
+import static org.apache.commons.vfs2.VfsTestUtils.getTestDirectoryFile;
+import static org.junit.jupiter.api.Assertions.*;
+
+import java.io.File;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.time.Duration;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.commons.vfs2.*;
+import org.apache.commons.vfs2.auth.StaticUserAuthenticator;
+import org.apache.commons.vfs2.impl.DefaultFileSystemConfigBuilder;
+import org.apache.commons.vfs2.impl.DefaultFileSystemManager;
+import org.apache.commons.vfs2.provider.local.DefaultLocalFileProvider;
+import org.apache.sshd.SshServer;
+import org.apache.sshd.common.KeyPairProvider;
+import org.apache.sshd.common.NamedFactory;
+import org.apache.sshd.common.Session;
+import org.apache.sshd.server.Command;
+import org.apache.sshd.server.FileSystemFactory;
+import org.apache.sshd.server.FileSystemView;
+import org.apache.sshd.server.SshFile;
+import org.apache.sshd.server.filesystem.NativeSshFile;
+import org.apache.sshd.server.sftp.SftpSubsystem;
+import org.junit.jupiter.api.AfterAll;
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.MethodOrderer;
+import org.junit.jupiter.api.Order;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.TestMethodOrder;
+
+import com.jcraft.jsch.TestIdentityRepositoryFactory;
+
+/**
+ * Tests SFTP password authentication using {@link StaticUserAuthenticator}.
+ *
+ * Verifies that credentials supplied via {@link
DefaultFileSystemConfigBuilder#setUserAuthenticator}
+ * are correctly propagated to the SFTP server.
+ *
+ *
+ * Uses SSHD 0.8.0 with an explicit RSA {@link KeyPairProvider} for Java 17
compatibility
+ * (the default DSA key generation is disabled on modern JDKs).
+ *
+ */
+@TestMethodOrder(MethodOrderer.OrderAnnotation.class)
+public class SftpPasswordAuthTest {
+
+private static final String TEST_USERNAME = "testuser";
+private static final String TEST_PASSWORD = "testpass";
+
+private static SshServer sshServer;
+private static int serverPort;
+private static DefaultFileSystemManager manager;
+
+@BeforeAll
+static void setUp() throws Exception {
+sshServer = SshServer.setUpDefaultServer();
+sshServer.setPort(0);
+
+final KeyPairGenerator hostKeyGen =
KeyPairGenerator.getInstance("RSA");
+hostKeyGen.initialize(2048);
+final KeyPair hostKey = hostKeyGen.generateKeyPair();
+sshServer.setKeyPairProvider(new KeyPairProvider() {
+@Override
+public KeyPair loadKey(final String type) {
+return KeyPairProvider.SSH_RSA.equals(type) ? hostKey : null;
+}
+@Override
+public String getKeyTypes() {
+return KeyPairProvider.SSH_RSA;
+}
+});
+
+sshServer.setPasswordAuthenticator(
+(user, pass, session) -> TEST_USERNAME.equals(user) &&
TEST_PASSWORD.equals(pass));
+
+final List> subsystems = new ArrayList<>();
+subsystems.add(new NamedFactory() {
+@Override
+public Command create() { return new SftpSubsystem(); }
+@Override
+public String getName() { return "sftp"; }
+});
+sshServer.setSubsystemFactories(subsystems);
+
+sshServer.setFileSystemFactory(new TestFileSystemFactory());
+sshServer.start();
+
+serverPort = sshServer.getPort();
+
+manager = new DefaultFileSystemManager();
+manager.addProvider("sftp", new SftpFileProvider());
+manager.addProvider("file", new DefaultLocalFileProvider());
+manager.init();
+}
+
+@AfterAll
+static void tearDown() throws Exception {
+if (manager != null) {
+try {
+manager.close();
+} catch (final Except
[PR] Add SFTP password authentication tests for Commons VFS2 [commons-vfs]
VaishKumbhar opened a new pull request, #754: URL: https://github.com/apache/commons-vfs/pull/754 ## What Adds `SftpPasswordAuthTest` — new test class that verify SFTP password authentication via `StaticUserAuthenticator` in Commons VFS2. ## Why There is no dedicated test for SFTP password-based authentication. The existing `SftpProviderTest` relies on `SftpTestServerHelper` which accepts `username == password` and also allows `UserAuthNone`, so it does not specifically validate that `StaticUserAuthenticator` credentials are correctly propagated through the VFS2 SFTP provider. ## How - Each test spins up an inline embedded SSHD 0.8.0 server with a strict `PasswordAuthenticator` that only accepts a specific username/password pair. - The server uses an explicit RSA 2048-bit host key instead of the SSHD 0.8.0 default DSA key, which is incompatible with Java 17+ (disabled legacy crypto algorithms). - Server teardown uses a daemon thread with a 5-second timeout to prevent JVM hangs caused by SSHD 0.8.0 lingering sessions after failed authentication. - Tests verify: resolving files, resolving folders (with and without trailing slash), and that wrong credentials produce a `FileSystemException`. ## Test summary | Test | Description | |--|-| | `testResolveFile` | Connects with correct credentials, resolves a file, asserts it exists and is readable | | `testResolveFolder` | Connects with correct credentials, resolves a directory | | `testResolveFolderWithTrailingSlash` | Same as above with trailing slash in URI | | `testWrongCredentialsThrowsException` | Connects with wrong credentials, asserts `FileSystemException` is thrown | -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
