Authentication extensions must extend this class. Only CheckUserName
and Authenticate must be overridden. The only job of CheckUserName
is to set userInfo.IsValidUserName to true if the user-name
(userInfo.UserName) is valid. Authenticate must set
userInfo.IsCorrectPassword to true if the password
(authInfo.Password) is correct for the given user-name
(userInfo.UserName). Alternatively, userInfo.IsValidKey must be true
if public key authentication is being attempted. If the home folder of the template user
(usually defaultExtension - see below) is set to %ExternalHomeFolder%
the value of HomeDirectory should be set to the path of the Windows directory
that you wish to be the home of the user.
The value of the Configuration field entered in the Manager is accessible via the
ExtensionConfiguration property.
| LoadedUserInfo LoadUserInfo(IUserInfo suppliedUserInfo) |
| Return an object containing the loaded user details if the user-name (userInfo.UserName) is valid. This method is called
automatically in the default implementation of CheckUserName. |
| void CheckUserName(IUserInfo userInfo) |
| Set userInfo.IsValidUserName to true if the user-name (userInfo.UserName) is valid. |
| void Authenticate(IAuthenticationInfo authInfo) |
| Set userInfo.IsCorrectPassword to true if the password (authInfo.Password) is correct
for the given user-name (userInfo.UserName). Or, if public key authentication is being used, set userInfo.IsValidKey to true
if the key details supplied in the IAuthenticationInfo are valid. If the home folder of the template user (usually default_external - see above)
is set to %ExternalHomeFolder% the value of HomeDirectory should be set to the path of the Windows directory that you wish to be the home of the user. |
| void Initialize(IPlugInInfo info) |
| Perform any required initialization that your extension requires. |
| void Dispose() |
| Perform any clean-up that your extension requires. |
| string LogInAsUserName |
| Optionally override this property to set a template user other than default_external (see above) |
| string ExtensionName |
| Name of the extension entered in the CompleteFTP Manager. |
| Guid ExtensionID |
| Identifier of the extension. |
| string ExtensionConfiguration |
| Configuration entered for the extension in CompleteFTP Manager. |
| string HomeDirectory |
| The user's home directory if available. |
| List<byte[]> DSAPublicKeys |
| The list of DSA public key blobs for this user. Each key is a byte array of the standard OpenSSH or SECSH formats for public keys. |
| List<byte[]> RSAPublicKeys |
| The list of RSA public key blobs for this user. Each key is a byte array of the standard OpenSSH or SECSH formats for public keys. |
| string PasswordHash |
| The MD5 hash of the user's password |
| string PasswordSalt |
| The salt prepended to the user's password prior to the MD5 hash. This can be null if a salt has not been used. |
| string Password |
| Setter only to set the user's password. This populates the PasswordHash field. |
| bool MustChangePassword |
| Set to true if the user must change their password |
| List<string> Groups |
| Names of groups of which the user is a member (in addition to those of the log-in-as user). |
| string UserName |
| User-name that the client is presenting. |
| string Protocol |
| Protocol that the client connect with |
| IPEndPoint RemoteEndPoint |
| Client's IP address and port-number. |
| IPEndPoint LocalEndPoint |
| IP address and port-number that the client connected to |
| X509Certificate2 ClientCertificate |
SSL certificate presented by the client. The value will be null for all cases except where all of the following are true:
- the protocol is FTPS or HTTPS
- CompleteFTP is configured to require client certificates
- the client certificate has already been validated via the Windows Certificate Store
|
| bool IsValidUserName |
| Set to true if the user-name is valid. |
| string SiteName |
| Name of site that is requesting authentication |
| Guid SiteID |
| Identifier of site that is requesting authentication.
To obtain the ID for a given site you need to look at the log file; the ID is logged
each time a site is started. |
| List<string> Groups |
| Names of groups of which the user is a member (in addition to those of the log-in-as user). |
| string HomeDirectory |
| Home folder override |
IAuthenticationInfo extends IUserInfo so it has all the properties of IUserInfo plus:
| string Password |
| Password that the client is presenting. |
| IsCorrectPassword |
| Set to true if the password is correct for the given user. |
| bool MustChangePassword |
| Set to true if the user must change their password. |
| bool IsValidKey |
| Set to true if public key authentication is successful for the given user. |
| AuthenticationMethod AuthenticationMethod |
| Authentication being used. |
| PublicKeyAlgorithm KeyAlgorithm |
| Provides the public key algorithm used if this is public key authentication. |
| byte[] KeyCheckData |
| Provides the key check data if this is public key authentication. To authenticate using public key authentication, the client uses its
private key to sign a block of data, producing SignatureBlob which is sent to the server. The server calculates the same block of data (the KeyCheckData) and
verifies using the stored copy of the client's public key that SignatureBlob was indeed produced by the client signing the same block of data with its private key. The
contents of KeyCheckData are defined in RFC 4252 Section 7. |
| byte[] SignatureBlob |
| Provides the signature blob if this is public key authentication. See KeyCheckData. |
| X509Certificate2 ClientCertificate |
SSL certificate presented by the client. The value will be null for all cases except where all of the following are true:
- the protocol is FTPS or HTTPS
- CompleteFTP is configured to require client certificates
- the client certificate has already been validated via the Windows Certificate Store
|