6

I need to limit the concurrent sessions allowed per user in an apache SshServer. I found two references to this functionality, but they seem to be obsolete.
Here's the original patch back in 2010: https://issues.apache.org/jira/browse/SSHD-95
I also found this reference to its usage: http://apache-mina.10907.n7.nabble.com/How-to-set-max-count-connections-in-sshd-service-td44764.html

Which refers to a SshServer.setProperty() method. I'm using sshd-core 2.4.0, and this method is absent from SshServer, I can't see any obvious replacement, and I can't find any documentation on what has happened to it or how I'm supposed to do this now. I still see the MAX_CONCURRENT_SESSIONS key in ServerFactoryManager, so I assume the functionality is still in there somewhere, but I can't find where I need to set it.

Here's what the setup of the server looks like (it's for an SFTP server, but that shouldn't matter for the problem at ahnd, I thnk):

    private val server = SshServer.setUpDefaultServer().apply {
        val sftpSubsystemFactory = SftpSubsystemFactory().apply {
            addSftpEventListener(sftpEventListener)
        }
        port = sftpPort
        host = "localhost"
        keyPairProvider = when {
            sftpKeyname.isEmpty() -> throw IllegalStateException("No key name for SFTP, aborting!")
            sftpKeyname == "NO_RSA" -> {
                log.warn("Explicitly using NO_RSA, sftp encryption is insecure!")
                SimpleGeneratorHostKeyProvider(File("host.ser").toPath())
            }
            else -> KeyPairProvider.wrap(loadKeyPair(sftpKeyname))
        }

        setPasswordAuthenticator { username, password, _ ->
// current evil hack to prevent users from opening more than one session            
if (activeSessions.any { it.username == username }) {
                log.warn("User attempted multiple concurrent sessions!")
                throw IllegalUserStateException("User already has a session!")
            } else {
                log.debug("new session for user $username")
                // throws AuthenticationException
                authenticationService.checkCredentials(username, password)
                true
            }
        }
        subsystemFactories = listOf(sftpSubsystemFactory)
        fileSystemFactory = YellowSftpFilesystemFactory(ftpHome)
        start()
        log.info("SFTP server started on port $port")
    }
UncleBob
  • 1,233
  • 3
  • 15
  • 33
  • 1
    You haven't provided enough to reproduce your server, but is what you're looking for something like this? ```server.apply { properties[ServerFactoryManager.MAX_CONCURRENT_SESSIONS] = 50L }``` – ordonezalex Jun 16 '20 at 20:57
  • oh... oooooh, they replaced that setter with direct access to the map. I had seen the getter, but automatically assumed that map was immutable. Didn't even spring to mind that I could just get it and then set a key in it. Sometimes I really don't see the forrest for all the trees! – UncleBob Jun 22 '20 at 06:57

1 Answers1

1

(From my comment) you can set the property directly:

server.apply {
    properties[ServerFactoryManager.MAX_CONCURRENT_SESSIONS] = 50L
}
ordonezalex
  • 2,645
  • 1
  • 20
  • 33
  • 1
    For anyone coming here looking to do the same in regular Java, the solution in 2.7.0 is: `CoreModuleProperties.MAX_CONCURRENT_SESSIONS.set(server, 1);` where `server` is your SshServer instance and `1` is your connection limit. – Wisteso Mar 10 '22 at 16:22