Example 21 with UnauthorizedException

use of org.jivesoftware.openfire.auth.UnauthorizedException in project Openfire by igniterealtime.

the class ServerStanzaHandler method packetReceived.

/**
 * Make sure that the received packet has TO and FROM values defined and that it was sent
 * from a previously validated domain. If the packet does not match these
 * conditions then an UnauthorizedException will be thrown.
 *
 * @param packet the received packet.
 * @throws UnauthorizedException if the packet does not include a TO or FROM or if the packet
 *                               was sent from a domain that was not previously validated.
 */
private void packetReceived(Packet packet) throws UnauthorizedException {
    if (packet.getTo() == null || packet.getFrom() == null) {
        Log.debug("ServerStanzaHandler: Closing IncomingServerSession due to packet with no TO or FROM: " + packet.toXML());
        // Send a stream error saying that the packet includes no TO or FROM
        StreamError error = new StreamError(StreamError.Condition.improper_addressing);
        connection.deliverRawText(error.toXML());
        throw new UnauthorizedException("Packet with no TO or FROM attributes");
    } else if (!((LocalIncomingServerSession) session).isValidDomain(packet.getFrom().getDomain())) {
        Log.debug("ServerStanzaHandler: Closing IncomingServerSession due to packet with invalid domain: " + packet.toXML());
        // Send a stream error saying that the packet includes an invalid FROM
        StreamError error = new StreamError(StreamError.Condition.invalid_from);
        connection.deliverRawText(error.toXML());
        // Report the actual failure: the FROM domain was not validated for this session.
        throw new UnauthorizedException("Packet with invalid FROM domain");
    }
}
Also used : LocalIncomingServerSession(org.jivesoftware.openfire.session.LocalIncomingServerSession) StreamError(org.xmpp.packet.StreamError) UnauthorizedException(org.jivesoftware.openfire.auth.UnauthorizedException)

Example 22 with UnauthorizedException

use of org.jivesoftware.openfire.auth.UnauthorizedException in project Openfire by igniterealtime.

the class NIOConnection method deliver.

@Override
public void deliver(Packet packet) throws UnauthorizedException {
    if (isClosed()) {
        backupDeliverer.deliver(packet);
    } else {
        boolean errorDelivering = false;
        IoBuffer buffer = IoBuffer.allocate(4096);
        buffer.setAutoExpand(true);
        try {
            buffer.putString(packet.getElement().asXML(), encoder.get());
            if (flashClient) {
                buffer.put((byte) '\0');
            }
            buffer.flip();
            ioSessionLock.lock();
            try {
                ioSession.write(buffer);
            } finally {
                ioSessionLock.unlock();
            }
        } catch (Exception e) {
            Log.debug("Error delivering packet:\n" + packet, e);
            errorDelivering = true;
        }
        if (errorDelivering) {
            close();
            // Retry sending the packet again. Most probably if the packet is a
            // Message it will be stored offline
            backupDeliverer.deliver(packet);
        } else {
            session.incrementServerPacketCount();
        }
    }
}
Also used : UnauthorizedException(org.jivesoftware.openfire.auth.UnauthorizedException) IOException(java.io.IOException) UnknownHostException(java.net.UnknownHostException) IoBuffer(org.apache.mina.core.buffer.IoBuffer)

Example 23 with UnauthorizedException

use of org.jivesoftware.openfire.auth.UnauthorizedException in project Openfire by igniterealtime.

the class BaseTransport method processPacket.

/**
 * Handles all incoming iq stanzas.
 *
 * @param packet The iq packet to be processed.
 * @return list of packets that will be sent back to the IQ requester.
 */
private List<Packet> processPacket(IQ packet) {
    Log.debug("Received iq packet: " + packet.toXML());
    List<Packet> reply = new ArrayList<Packet>();
    if (packet.getType() == IQ.Type.error) {
        // Let's not start a loop.  Ignore.
        return reply;
    }
    String xmlns = null;
    Element child = (packet).getChildElement();
    if (child != null) {
        xmlns = child.getNamespaceURI();
    }
    if (xmlns == null) {
        // No namespace defined.
        Log.debug("No XMLNS:" + packet.toString());
        IQ error = IQ.createResultIQ(packet);
        error.setError(Condition.bad_request);
        reply.add(error);
        return reply;
    }
    if (xmlns.equals(NameSpace.DISCO_INFO)) {
        reply.addAll(handleDiscoInfo(packet));
    } else if (xmlns.equals(NameSpace.DISCO_ITEMS)) {
        reply.addAll(handleDiscoItems(packet));
    } else if (xmlns.equals(NameSpace.IQ_GATEWAY)) {
        reply.addAll(handleIQGateway(packet));
    } else if (xmlns.equals(NameSpace.IQ_REGISTER)) {
        // could/should be made more generic.
        try {
            // note that this handler does not make use of the reply-queue.
            // Instead, it sends packets directly.
            new RegistrationHandler(this).process(packet);
        } catch (UnauthorizedException ex) {
            final IQ result = IQ.createResultIQ(packet);
            result.setError(Condition.forbidden);
            reply.add(result);
            final Message em = new Message();
            em.setType(Message.Type.error);
            em.setTo(packet.getFrom());
            em.setFrom(packet.getTo());
            em.setBody(ex.getMessage());
            reply.add(em);
        }
    } else if (xmlns.equals(NameSpace.IQ_VERSION)) {
        reply.addAll(handleIQVersion(packet));
    } else if (xmlns.equals(NameSpace.VCARD_TEMP) && child.getName().equals("vCard")) {
        reply.addAll(handleVCardTemp(packet));
    } else if (xmlns.equals(NameSpace.IQ_ROSTER)) {
        // No reason to 'argue' about this one.  Return success.
        reply.add(IQ.createResultIQ(packet));
    } else if (xmlns.equals(NameSpace.IQ_LAST)) {
        reply.addAll(handleIQLast(packet));
    } else {
        Log.debug("Unable to handle iq request: " + xmlns);
        IQ error = IQ.createResultIQ(packet);
        error.setError(Condition.service_unavailable);
        reply.add(error);
    }
    return reply;
}
Also used : Element(org.dom4j.Element) UnauthorizedException(org.jivesoftware.openfire.auth.UnauthorizedException) RegistrationHandler(net.sf.kraken.registration.RegistrationHandler)

Example 24 with UnauthorizedException

use of org.jivesoftware.openfire.auth.UnauthorizedException in project Openfire by igniterealtime.

the class RegistrationHandler method setRegistrationForm.

/**
 * Handles an IQ-register 'set' request, which is to be interpreted as a
 * request to create a new registration.
 *
 * @param packet the IQ-register 'set' stanza.
 * @throws UnauthorizedException if the user isn't allowed to register.
 */
private void setRegistrationForm(IQ packet) throws UnauthorizedException {
    final JID from = packet.getFrom();
    final boolean registered;
    Collection<Registration> registrations = RegistrationManager.getInstance().getRegistrations(from, parent.transportType);
    if (registrations.iterator().hasNext()) {
        registered = true;
    } else {
        registered = false;
    }
    if (!registered && !parent.permissionManager.hasAccess(from)) {
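        // The sender has no existing registration and is not permitted by the
        // gateway ACLs, so refuse. Users who are already registered pass this check.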
        throw new UnauthorizedException(LocaleUtils.getLocalizedString("gateway.base.registrationdeniedbyacls", "kraken"));
    }
    // Parse the input variables
    String username = null;
    String password = null;
    String nickname = null;
    try {
        if (packet.getChildElement().element("x") != null) {
            final DataForm form = new DataForm(packet.getChildElement().element("x"));
            final List<FormField> fields = form.getFields();
            for (final FormField field : fields) {
                final String var = field.getVariable();
                if (var.equals("username")) {
                    username = field.getValues().get(0);
                } else if (var.equals("password")) {
                    password = field.getValues().get(0);
                } else if (var.equals("nick")) {
                    nickname = field.getValues().get(0);
                }
            }
        }
    } catch (Exception ex) {
        // A generic Exception is caught here; catching specific subclasses would be preferable.
        // Most likely no data form was present.
        Log.info("Most likely, no dataform was present " + "in the IQ-register request.", ex);
    }
    // input variables could also exist in the non-extended elements
    final Element userEl = packet.getChildElement().element("username");
    final Element passEl = packet.getChildElement().element("password");
    final Element nickEl = packet.getChildElement().element("nick");
    if (userEl != null) {
        username = userEl.getTextTrim();
    }
    if (passEl != null) {
        password = passEl.getTextTrim();
    }
    if (nickEl != null) {
        nickname = nickEl.getTextTrim();
    }
    username = (username == null || username.equals("")) ? null : username;
    password = (password == null || password.equals("")) ? null : password;
    nickname = (nickname == null || nickname.equals("")) ? null : nickname;
    // verify that we've got what we need.
    if (username == null || (parent.isPasswordRequired() && password == null) || (parent.isNicknameRequired() && nickname == null)) {
        // Invalid information from stanza, let's yell.
        // Log only the sender: the full stanza can carry the submitted password.
        Log.info("Cannot process IQ register request from " + from + ", as it fails to provide all data that's required.");
        final IQ result = IQ.createResultIQ(packet);
        result.setError(Condition.bad_request);
        parent.sendPacket(result);
        return;
    }
    // Check if the client supports our proprietary 'rosterless' mode.
    final boolean rosterlessMode;
    final Element x = packet.getChildElement().element("x");
    if (x != null && x.getNamespaceURI() != null && x.getNamespaceURI().equals(NameSpace.IQ_GATEWAY_REGISTER)) {
        rosterlessMode = true;
        Log.info("Registering " + packet.getFrom() + " as " + username + " in rosterless mode.");
    } else {
        rosterlessMode = false;
        Log.info("Registering " + packet.getFrom() + " as " + username + " (without making use of rosterless mode).");
    }
    // Here's where the true magic lies: create the registration!
    try {
        addNewRegistration(from, username, password, nickname, rosterlessMode);
        registrations = RegistrationManager.getInstance().getRegistrations(from, parent.transportType);
        Registration registration = registrations.iterator().next();
        TransportSession session = parent.registrationLoggedIn(registration, from, PresenceType.available, "", -1);
        session.setRegistrationPacket(packet);
        session.detachSession();
        parent.getSessionManager().storeSession(from, session);
    //final IQ result = IQ.createResultIQ(packet);
    // I believe this shouldn't be included. Leaving it around just in
    // case.
    // Element response =
    // DocumentHelper.createElement(QName.get("query", IQ_REGISTER));
    // result.setChildElement(response);
    //parent.sendPacket(result);
    } catch (UserNotFoundException e) {
        Log.warn("Someone attempted to register with the gateway " + "who is not registered with the server: " + from);
        final IQ eresult = IQ.createResultIQ(packet);
        eresult.setError(Condition.forbidden);
        parent.sendPacket(eresult);
        final Message em = new Message();
        em.setType(Message.Type.error);
        em.setTo(packet.getFrom());
        em.setFrom(packet.getTo());
        em.setBody(LocaleUtils.getLocalizedString("gateway.base.registrationdeniednoacct", "kraken"));
        parent.sendPacket(em);
    } catch (IllegalAccessException e) {
        Log.warn("Someone who is not a user of this server " + "tried to register with the transport: " + from);
        final IQ eresult = IQ.createResultIQ(packet);
        eresult.setError(Condition.forbidden);
        parent.sendPacket(eresult);
        final Message em = new Message();
        em.setType(Message.Type.error);
        em.setTo(packet.getFrom());
        em.setFrom(packet.getTo());
        em.setBody(LocaleUtils.getLocalizedString("gateway.base.registrationdeniedbyhost", "kraken"));
        parent.sendPacket(em);
    } catch (IllegalArgumentException e) {
        Log.warn("Someone attempted to register with the " + "gateway with an invalid username: " + from);
        final IQ eresult = IQ.createResultIQ(packet);
        eresult.setError(Condition.bad_request);
        parent.sendPacket(eresult);
        final Message em = new Message();
        em.setType(Message.Type.error);
        em.setTo(packet.getFrom());
        em.setFrom(packet.getTo());
        em.setBody(LocaleUtils.getLocalizedString("gateway.base.registrationdeniedbadusername", "kraken"));
        parent.sendPacket(em);
    }
}
Also used : UserNotFoundException(org.jivesoftware.openfire.user.UserNotFoundException) JID(org.xmpp.packet.JID) Message(org.xmpp.packet.Message) Element(org.dom4j.Element) IQ(org.xmpp.packet.IQ) TransportSession(net.sf.kraken.session.TransportSession) PacketException(org.jivesoftware.openfire.PacketException) UnauthorizedException(org.jivesoftware.openfire.auth.UnauthorizedException) NotFoundException(org.jivesoftware.util.NotFoundException) DataForm(org.xmpp.forms.DataForm) FormField(org.xmpp.forms.FormField)

Example 25 with UnauthorizedException

use of org.jivesoftware.openfire.auth.UnauthorizedException in project Openfire by igniterealtime.

the class RegistrationHandler method getRegistrationForm.

/**
 * Handles an IQ-register 'get' request, which is to be interpreted as a
 * request for a registration form template. The template will be prefilled
 * with data, if the requester has a current registration with the gateway.
 *
 * @param packet the IQ-register 'get' stanza.
 * @throws UnauthorizedException if the user is not allowed to make use of the gateway.
 */
private void getRegistrationForm(IQ packet) throws UnauthorizedException {
    final JID from = packet.getFrom();
    final IQ result = IQ.createResultIQ(packet);
    // search for existing registrations
    String curUsername = null;
    String curPassword = null;
    String curNickname = null;
    boolean registered = false;
    final Collection<Registration> registrations = RegistrationManager.getInstance().getRegistrations(from, parent.transportType);
    if (registrations.iterator().hasNext()) {
        Registration registration = registrations.iterator().next();
        curUsername = registration.getUsername();
        curPassword = registration.getPassword();
        curNickname = registration.getNickname();
        registered = true;
    }
    // Verify that the user is allowed to make use of the gateway.
    if (!registered && !parent.permissionManager.hasAccess(from)) {
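        // The sender has no existing registration and is not permitted by the
        // gateway ACLs, so refuse. Users who are already registered pass this check.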
        throw new UnauthorizedException(LocaleUtils.getLocalizedString("gateway.base.registrationdeniedbyacls", "kraken"));
    }
    // generate a template registration form.
    final Element response = DocumentHelper.createElement(QName.get("query", NameSpace.IQ_REGISTER));
    final DataForm form = new DataForm(DataForm.Type.form);
    form.addInstruction(parent.getTerminologyRegistration());
    final FormField usernameField = form.addField();
    usernameField.setLabel(parent.getTerminologyUsername());
    usernameField.setVariable("username");
    usernameField.setType(FormField.Type.text_single);
    if (curUsername != null) {
        usernameField.addValue(curUsername);
    }
    final FormField passwordField = form.addField();
    passwordField.setLabel(parent.getTerminologyPassword());
    passwordField.setVariable("password");
    passwordField.setType(FormField.Type.text_private);
    if (curPassword != null) {
        passwordField.addValue(curPassword);
    }
    final String nicknameTerm = parent.getTerminologyNickname();
    if (nicknameTerm != null) {
        FormField nicknameField = form.addField();
        nicknameField.setLabel(nicknameTerm);
        nicknameField.setVariable("nick");
        nicknameField.setType(FormField.Type.text_single);
        if (curNickname != null) {
            nicknameField.addValue(curNickname);
        }
    }
    response.add(form.getElement());
    response.addElement("instructions").addText(parent.getTerminologyRegistration());
    // Prefill the plain (non-form) elements when a registration already exists.
    if (registered) {
        response.addElement("registered");
        response.addElement("username").addText(curUsername);
        if (curPassword == null) {
            response.addElement("password");
        } else {
            response.addElement("password").addText(curPassword);
        }
        if (nicknameTerm != null) {
            if (curNickname == null) {
                response.addElement("nick");
            } else {
                response.addElement("nick").addText(curNickname);
            }
        }
    } else {
        response.addElement("username");
        response.addElement("password");
        if (nicknameTerm != null) {
            response.addElement("nick");
        }
    }
    // Add special indicator for rosterless gateway handling.
    response.addElement(QName.get("x", NameSpace.IQ_GATEWAY_REGISTER));
    result.setChildElement(response);
    parent.sendPacket(result);
}
Also used : JID(org.xmpp.packet.JID) Element(org.dom4j.Element) IQ(org.xmpp.packet.IQ) UnauthorizedException(org.jivesoftware.openfire.auth.UnauthorizedException) DataForm(org.xmpp.forms.DataForm) FormField(org.xmpp.forms.FormField)

Aggregations

UnauthorizedException (org.jivesoftware.openfire.auth.UnauthorizedException) 30
UserNotFoundException (org.jivesoftware.openfire.user.UserNotFoundException) 13
Element (org.dom4j.Element) 11
IQ (org.xmpp.packet.IQ) 10
JID (org.xmpp.packet.JID) 10
ConnectionException (org.jivesoftware.openfire.auth.ConnectionException) 7
PacketException (org.jivesoftware.openfire.PacketException) 6
InternalUnauthenticatedException (org.jivesoftware.openfire.auth.InternalUnauthenticatedException) 6
UserAlreadyExistsException (org.jivesoftware.openfire.user.UserAlreadyExistsException) 5
IOException (java.io.IOException) 4
AuthToken (org.jivesoftware.openfire.auth.AuthToken) 4
StreamError (org.xmpp.packet.StreamError) 4
StringprepException (gnu.inet.encoding.StringprepException) 3
WebApplicationException (javax.ws.rs.WebApplicationException) 3
ClientSession (org.jivesoftware.openfire.session.ClientSession) 3
LocalClientSession (org.jivesoftware.openfire.session.LocalClientSession) 3
User (org.jivesoftware.openfire.user.User) 3
NotFoundException (org.jivesoftware.util.NotFoundException) 3
DataForm (org.xmpp.forms.DataForm) 3
FormField (org.xmpp.forms.FormField) 3