Use of org.dom4j.QName in project Openfire by igniterealtime.
From the class SASLAuthentication, method getSASLMechanismsElement.
/**
 * Builds the {@code <mechanisms/>} element (in the SASL namespace) that lists the SASL
 * mechanisms to be offered on the given client session.
 *
 * <p>Every name returned by {@code getSupportedMechanisms()} is listed, except
 * {@code EXTERNAL}, which is listed only when the session is secure and the peer
 * certificate check below succeeds. The check has two modes, selected by
 * {@code SKIP_PEER_CERT_REVALIDATION_CLIENT}:
 * <ul>
 *   <li>enabled: the connection merely has to report at least one peer certificate; no
 *       trust evaluation is performed in this method;</li>
 *   <li>disabled: the peer certificate chain is passed to the trust store of the
 *       connection's configuration and must be reported as trusted.</li>
 * </ul>
 *
 * <p>This method only decides what is advertised. NOTE(review): the code that processes an
 * EXTERNAL authentication attempt is not visible here; confirm that it does not rely on
 * this advertisement as its only certificate check.
 *
 * @param session the client session for which mechanisms are offered. When it is secure it
 *                is cast to {@code LocalClientSession}; a secure session of any other type
 *                would raise a {@code ClassCastException}.
 * @return the populated element, or {@code null} when the property
 *         {@code sasl.client.suppressEmpty} is {@code true} and no mechanism is offered
 *         (OF-2072); callers must handle the {@code null} case.
 */
public static Element getSASLMechanismsElement(ClientSession session) {
    final Namespace saslNamespace = new Namespace("", SASL_NAMESPACE);
    final Element mechanisms = DocumentHelper.createElement(new QName("mechanisms", saslNamespace));

    for (final String name : getSupportedMechanisms()) {
        // Everything except EXTERNAL is offered unconditionally.
        boolean offer = true;

        if (name.equals("EXTERNAL")) {
            // EXTERNAL is withheld unless a secure session presents an acceptable peer certificate.
            offer = false;
            if (session.isSecure()) {
                final Connection conn = ((LocalClientSession) session).getConnection();
                if (SKIP_PEER_CERT_REVALIDATION_CLIENT.getValue()) {
                    // Presence check only: relies on the certificate having been validated when
                    // TLS was established.
                    // NOTE(review): that holds only if the TLS layer rejects untrusted client
                    // certificates during the handshake; confirm before enabling this property.
                    offer = conn.getPeerCertificates() != null && conn.getPeerCertificates().length > 0;
                } else {
                    // Re-evaluate the peer certificate chain against the configured trust store.
                    offer = conn.getConfiguration().getTrustStore().isTrusted(conn.getPeerCertificates());
                }
            }
        }

        if (offer) {
            mechanisms.addElement("mechanism").setText(name);
        }
    }

    // OF-2072: optionally signal "nothing to offer" with null rather than an empty element.
    final boolean suppressEmpty = JiveGlobals.getBooleanProperty("sasl.client.suppressEmpty", false);
    if (suppressEmpty && mechanisms.elements().isEmpty()) {
        return null;
    }
    return mechanisms;
}