The easiest way to do this, if I understand you correctly, is to set your forced command to a script which interrogates the SSH_ORIGINAL_COMMAND variable. Assuming that the requested operation is legitimate, it can then exec whatever process is appropriate.
signature.asc
Description: Digital signature
