use of org.jivesoftware.openfire.interceptor.PacketRejectedException in project Openfire by igniterealtime.
the class DiscoIQRegisteredProcessor method process.
@Override
public void process(Packet packet, final String subdomain, String to, String from) throws PacketRejectedException {
Log.debug("Processing packet in DiscoIQRegisteredProcessor for " + subdomain);
// Check if the jabber:iq:register is enabled in admin panel
boolean isFeatureEnabled = JiveGlobals.getBooleanProperty("plugin.remoteroster.sparkDiscoInfo", false);
if (!isFeatureEnabled) {
Log.debug("Spark extension is deactivated. Won't change the disco#info");
return;
}
final InterceptorManager interceptorManager = InterceptorManager.getInstance();
final PacketInterceptor interceptor = new PacketInterceptor() {
public void interceptPacket(Packet packet, Session session, boolean incoming, boolean processed) throws PacketRejectedException {
if (!processed && incoming) {
if (packet instanceof IQ) {
IQ iqPacket = (IQ) packet;
Element packetElement = iqPacket.getChildElement();
if (packetElement == null)
return;
String ns = iqPacket.getChildElement().getNamespace().getURI();
if (iqPacket.getType().equals(IQ.Type.result) && ns.equals("jabber:iq:register") && iqPacket.getFrom().toString().equals(subdomain)) {
// Check if we are already registered
setRegistered(iqPacket.toString().contains("<registered/>"));
throw new PacketRejectedException();
} else if (iqPacket.getType().equals(IQ.Type.result) && ns.equals("http://jabber.org/protocol/disco#info") && iqPacket.getFrom().toString().equals(subdomain)) {
/*
* This is the answer of the disco#info from spark
* to our component. add the jabber:iq:register
* feature if we are registered
*/
if (isRegistered()) {
Log.debug("Modifying disco#info packge to send registered iq feature to Spark user " + iqPacket.getTo().toString());
Attribute attribut = new DefaultAttribute("var", "jabber:iq:registered");
iqPacket.getChildElement().addElement("feature").add(attribut);
}
}
}
}
}
};
Log.debug("Creating my own listener for jabber:iq:register result to external component " + subdomain);
interceptorManager.addInterceptor(interceptor);
IQ askComponent = new IQ();
askComponent.setTo(to);
askComponent.setFrom(from);
askComponent.setType(IQ.Type.get);
Element query = new DefaultElement(QName.get("query", "jabber:iq:register"));
askComponent.setChildElement(query);
// Remove the package intercepter in 1sec
TimerTask removeInterceptorTask = new TimerTask() {
@Override
public void run() {
Log.debug("Removing my created listener for jabber:iq:register. Component " + subdomain);
interceptorManager.removeInterceptor(interceptor);
}
};
Timer timer = new Timer();
timer.schedule(removeInterceptorTask, 1000);
// Send the register query to component
dispatchPacket(askComponent);
}
use of org.jivesoftware.openfire.interceptor.PacketRejectedException in project Openfire by igniterealtime.
the class IQRosterPayloadProcessor method handleIQset.
private void handleIQset(IQ myPacket, final String subdomain, final String username) throws PacketRejectedException {
IQ response = IQ.createResultIQ(myPacket);
List<Node> nodes = findNodesInDocument(myPacket.getElement().getDocument(), "//roster:item");
for (Node n : nodes) {
Roster roster;
String jid = n.valueOf("@jid");
String name = n.valueOf("@name");
String subvalue = n.valueOf("@subscription");
// causing trouble on register:remove
if (JiveGlobals.getBooleanProperty("plugin.remoteroster.ignoreSubdomains", true) && jid.equals(subdomain) && subvalue.equals("both"))
throw new PacketRejectedException();
if (subvalue.equals("both")) {
try {
roster = _rosterManager.getRoster(username);
List<String> grouplist = new ArrayList<String>();
List<Node> groupnodes = findNodesInDocument(n.getDocument(), "//roster:group");
for (Node ne : groupnodes) {
String groupName = ne.getText();
grouplist.add(groupName);
}
boolean rosterPersistent = JiveGlobals.getBooleanProperty("plugin.remoteroster.persistent", true);
Log.debug("Adding/Updating Contact " + jid + " to roster of " + username);
try {
RosterItem item = roster.getRosterItem(new JID(jid));
item.setGroups(grouplist);
roster.updateRosterItem(item);
// dont send iq-result if just updating user
continue;
} catch (UserNotFoundException exc) {
// Then we should add him!
}
RosterItem item = roster.createRosterItem(new JID(jid), name, grouplist, false, rosterPersistent);
item.setSubStatus(RosterItem.SUB_BOTH);
roster.updateRosterItem(item);
} catch (Exception e) {
Log.info("Could not add user to Roster although no entry should exist..." + username, e);
}
dispatchPacket(response);
} else if (subvalue.equals("remove")) {
// we dont need to do this when persistent = false because they will get deleted as soon as gateway is unavailable
if (JiveGlobals.getBooleanProperty("plugin.remoteroster.persistent", false) && jid.equals(subdomain)) {
deleteSubdomainItemsFromRoster(username, subdomain);
}
// to handle it
throw new PacketRejectedException();
}
}
}
use of org.jivesoftware.openfire.interceptor.PacketRejectedException in project Openfire by igniterealtime.
the class NonPersistantRosterProcessor method process.
@Override
public void process(Packet packet, String subdomain, String to, String from) throws PacketRejectedException {
Presence myPacket = (Presence) packet;
if (myPacket.getType() != null && myPacket.getType().equals(Presence.Type.unavailable) && !myPacket.getElement().getStringValue().equals("Connecting")) {
String username = getUsernameFromJid(to);
Log.debug("Processing packet in NonPersistantRosterProcessor for " + subdomain + "and user " + username + " Packet: " + packet.toString());
try {
Roster roster = _rosterManager.getRoster(username);
Collection<RosterItem> items = roster.getRosterItems();
for (RosterItem item : items) {
String itemName = item.getJid().toString();
if (itemName.contains(subdomain)) {
Log.debug("Removing contact " + item.getJid().toString() + " from contact list.");
roster.deleteRosterItem(item.getJid(), false);
}
}
} catch (Exception e) {
Log.debug("Execption occured when cleaning up the Roster.", e);
e.printStackTrace();
}
}
}
use of org.jivesoftware.openfire.interceptor.PacketRejectedException in project Openfire by igniterealtime.
the class ContentFilterPlugin method interceptPacket.
public void interceptPacket(Packet packet, Session session, boolean read, boolean processed) throws PacketRejectedException {
if (isValidTargetPacket(packet, read, processed)) {
Packet original = packet;
if (Log.isDebugEnabled()) {
Log.debug("Content filter: intercepted packet:" + original.toString());
}
// as it's an expensive operation
if (violationNotificationEnabled && violationIncludeOriginalPacketEnabled && maskEnabled) {
original = packet.createCopy();
}
// filter the packet
boolean contentMatched = contentFilter.filter(packet);
if (Log.isDebugEnabled()) {
Log.debug("Content filter: content matched? " + contentMatched);
}
// notify admin of violations
if (contentMatched && violationNotificationEnabled) {
if (Log.isDebugEnabled()) {
Log.debug("Content filter: sending violation notification");
Log.debug("Content filter: include original msg? " + this.violationIncludeOriginalPacketEnabled);
}
sendViolationNotification(original);
}
// the conversation in the (spy mode!)
if (contentMatched) {
if (allowOnMatch) {
if (Log.isDebugEnabled()) {
Log.debug("Content filter: allowed content:" + packet.toString());
}
// no further action required
} else {
// msg must be rejected
if (Log.isDebugEnabled()) {
Log.debug("Content filter: rejecting packet");
}
PacketRejectedException rejected = new PacketRejectedException("Packet rejected with disallowed content!");
if (rejectionNotificationEnabled) {
// let the sender know about the rejection, this is
// only possible/useful if the content is not masked
rejected.setRejectionMessage(rejectionMessage);
}
throw rejected;
}
}
}
}
use of org.jivesoftware.openfire.interceptor.PacketRejectedException in project Openfire by igniterealtime.
the class IQRouter method route.
/**
* <p>Performs the actual packet routing.</p>
* <p>You routing is considered 'quick' and implementations may not take
* excessive amounts of time to complete the routing. If routing will take
* a long amount of time, the actual routing should be done in another thread
* so this method returns quickly.</p>
* <h2>Warning</h2>
* <p>Be careful to enforce concurrency DbC of concurrent by synchronizing
* any accesses to class resources.</p>
*
* @param packet The packet to route
* @throws NullPointerException If the packet is null
*/
public void route(IQ packet) {
if (packet == null) {
throw new NullPointerException();
}
JID sender = packet.getFrom();
ClientSession session = sessionManager.getSession(sender);
// may be null
Element childElement = packet.getChildElement();
try {
// Invoke the interceptors before we process the read packet
InterceptorManager.getInstance().invokeInterceptors(packet, session, true, false);
JID to = packet.getTo();
if (session == null || session.getStatus() == Session.STATUS_AUTHENTICATED || (childElement != null && isLocalServer(to) && ("jabber:iq:auth".equals(childElement.getNamespaceURI()) || "jabber:iq:register".equals(childElement.getNamespaceURI()) || "urn:ietf:params:xml:ns:xmpp-bind".equals(childElement.getNamespaceURI())))) {
handle(packet);
} else {
Log.debug("Rejecting stanza from client that has not (yet?) established an authenticated session: {}", packet.toXML());
if (packet.getType() == IQ.Type.get || packet.getType() == IQ.Type.set) {
IQ reply = IQ.createResultIQ(packet);
if (childElement != null) {
reply.setChildElement(childElement.createCopy());
}
reply.setError(PacketError.Condition.not_authorized);
session.process(reply);
}
}
// Invoke the interceptors after we have processed the read packet
InterceptorManager.getInstance().invokeInterceptors(packet, session, true, true);
} catch (PacketRejectedException e) {
if (session != null) {
// An interceptor rejected this packet so answer a not_allowed error
IQ reply = new IQ();
if (childElement != null) {
reply.setChildElement(childElement.createCopy());
}
reply.setID(packet.getID());
reply.setTo(session.getAddress());
reply.setFrom(packet.getTo());
reply.setError(PacketError.Condition.not_allowed);
session.process(reply);
// Check if a message notifying the rejection should be sent
if (e.getRejectionMessage() != null && e.getRejectionMessage().trim().length() > 0) {
// A message for the rejection will be sent to the sender of the rejected packet
Message notification = new Message();
notification.setTo(session.getAddress());
notification.setFrom(packet.getTo());
notification.setBody(e.getRejectionMessage());
session.process(notification);
}
}
}
}
Aggregations