
KB Article #179521

Issues with keys in SFTP user authentication.

Problem

Previously, if you stored a public key together with a dummy private key (a private key is not required for SFTP user authentication), the sample authentication script failed when a client connected using the matching private key. In 7.5.3, you can store a public key and a dummy private key, and the updated script below authenticates correctly when the client connects using the matching private key.

Resolution:

This is the updated Nashorn script for authenticating connections:


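var imp = new JavaImporter(com.vordel.store.keypairs, com.vordel.store.keypair, com.vordel.trace, java.util);

with (imp) {

    function invoke(msg) {
        var id = msg.get("authentication.subject.id");
        var key = msg.get("authentication.subject.public.key");
        var result = false;

        Trace.info("Input: authentication.subject.id: " + id);

        // Look up the key pair stored under the subject ID. The lookup result is
        // checked before getModulus() is called, on the assumption that an
        // unknown alias returns null, so that case reaches the "not found" branch.
        var pair = KeyPairs.getInstance().getKeyPairFromAlias(id);
        var match = (pair !== null) ? pair.getModulus() : null;

        if (match !== null) {
            // Authenticate only if the presented public key has the stored modulus.
            if (key !== null && key.getModulus().equals(match)) {
                Trace.info("Subject ID and key match for ID.");
                result = true;
            } else {
                Trace.info("Public key found for this subject ID, but it does not match the input key.");
            }
        } else {
            Trace.info("Public key not found for this subject ID.");
        }
        // result stays false unless the moduli matched.
        return result;
    }

}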
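
The same comparison can be run offline before a public key is stored under a subject ID, to confirm that it belongs to the private key the SFTP client will use. The following Node.js code is an added example, not part of this KB article or the product's own code; `rsaParams`, `keysMatch` and `demo` are hypothetical names, the key pairs are generated for the demonstration, and it goes slightly beyond the script above by comparing the public exponent as well as the modulus.

```javascript
const crypto = require('crypto');

// Return the RSA public parameters (modulus n, exponent e) of a key as
// base64url strings, or null when the key is not an RSA key.
function rsaParams(keyObject) {
  if (keyObject.asymmetricKeyType !== 'rsa') return null;
  // A private key is reduced to its public half before export.
  const pub = keyObject.type === 'private' ? crypto.createPublicKey(keyObject) : keyObject;
  const jwk = pub.export({ format: 'jwk' });
  return { n: jwk.n, e: jwk.e };
}

// True only when the stored public key and the client's private key share
// the same modulus and exponent. Any parse error fails closed.
function keysMatch(storedPublicPem, clientPrivatePem) {
  let stored, client;
  try {
    stored = rsaParams(crypto.createPublicKey(storedPublicPem));
    client = rsaParams(crypto.createPrivateKey(clientPrivatePem));
  } catch (err) {
    return false;
  }
  if (stored === null || client === null) return false;
  return stored.n === client.n && stored.e === client.e;
}

// Constructed sample input: two throwaway key pairs generated at run time.
function demo() {
  const gen = () => crypto.generateKeyPairSync('rsa', {
    modulusLength: 2048,
    publicKeyEncoding: { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem' },
  });
  const client = gen();
  const unrelated = gen();
  return {
    matching: keysMatch(client.publicKey, client.privateKey),
    mismatched: keysMatch(unrelated.publicKey, client.privateKey),
    unparsable: keysMatch('not a key', client.privateKey),
  };
}

console.log(demo());
```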