Make sure to return an IQ error if an unhandled exception occurs. JM-638

git-svn-id: http://svn.igniterealtime.org/svn/repos/wildfire/trunk@3760 b35dd754-fafc-0310-a699-88a17e54d16e

Make sure to return an IQ error if an unhandled exception occurs. JM-638
git-svn-id: http://svn.igniterealtime.org/svn/repos/wildfire/trunk@3760 b35dd754-fafc-0310-a699-88a17e54d16e
49db6756 · Gaston Dombiak · gato · 16ba5ac1 · 49db6756 · 49db6756
Commit 49db6756 authored Apr 12, 2006 by Gaston Dombiak Committed by gato Apr 12, 2006
Hide whitespace changes
Inline Side-by-side

Showing with 81 additions and 80 deletions

IQAuthHandler.java ...java/org/jivesoftware/wildfire/handler/IQAuthHandler.java +66 -71

IQHandler.java src/java/org/jivesoftware/wildfire/handler/IQHandler.java +15 -9

No files found.
--- a/src/java/org/jivesoftware/wildfire/handler/IQAuthHandler.java
+++ b/src/java/org/jivesoftware/wildfire/handler/IQAuthHandler.java
@@ -83,86 +83,81 @@ public class IQAuthHandler extends IQHandler implements IQAuthInfo {
    }
    public IQ handleIQ(IQ packet) throws UnauthorizedException, PacketException {
+        ClientSession session = sessionManager.getSession(packet.getFrom());
+        // If no session was found then answer an error (if possible)
+        if (session == null) {
+            Log.error("Error during authentication. Session not found in " +
+                    sessionManager.getPreAuthenticatedKeys() +
+                    " for key " +
+                    packet.getFrom());
+            // This error packet will probably won't make it through
+            IQ reply = IQ.createResultIQ(packet);
+            reply.setChildElement(packet.getChildElement().createCopy());
+            reply.setError(PacketError.Condition.internal_server_error);
+            return reply;
+        }
+        IQ response = null;
        try {
-            ClientSession session = sessionManager.getSession(packet.getFrom());
+            Element iq = packet.getElement();
-            // If no session was found then answer an error (if possible)
+            Element query = iq.element("query");
-            if (session == null) {
+            Element queryResponse = probeResponse.createCopy();
-                Log.error("Error during authentication. Session not found in " +
+            if (IQ.Type.get == packet.getType()) {
-                        sessionManager.getPreAuthenticatedKeys() +
+                String username = query.elementTextTrim("username");
-                        " for key " +
+                if (username != null) {
-                        packet.getFrom());
+                    queryResponse.element("username").setText(username);
-                // This error packet will probably won't make it through
+                }
-                IQ reply = IQ.createResultIQ(packet);
+                response = IQ.createResultIQ(packet);
-                reply.setChildElement(packet.getChildElement().createCopy());
+                response.setChildElement(queryResponse);
-                reply.setError(PacketError.Condition.internal_server_error);
+                // This is a workaround. Since we don't want to have an incorrect TO attribute
-                return reply;
+                // value we need to clean up the TO attribute and send directly the response.
+                // The TO attribute will contain an incorrect value since we are setting a fake
+                // JID until the user actually authenticates with the server.
+                if (session.getStatus() != Session.STATUS_AUTHENTICATED) {
+                    response.setTo((JID)null);
+                }
            }
-            IQ response = null;
+            // Otherwise set query
-            try {
+            else {
-                Element iq = packet.getElement();
+                if (query.elements().isEmpty()) {
-                Element query = iq.element("query");
+                    // Anonymous authentication
-                Element queryResponse = probeResponse.createCopy();
+                    response = anonymousLogin(session, packet);
-                if (IQ.Type.get == packet.getType()) {
-                    String username = query.elementTextTrim("username");
-                    if (username != null) {
-                        queryResponse.element("username").setText(username);
-                    }
-                    response = IQ.createResultIQ(packet);
-                    response.setChildElement(queryResponse);
-                    // This is a workaround. Since we don't want to have an incorrect TO attribute
-                    // value we need to clean up the TO attribute and send directly the response.
-                    // The TO attribute will contain an incorrect value since we are setting a fake
-                    // JID until the user actually authenticates with the server.
-                    if (session.getStatus() != Session.STATUS_AUTHENTICATED) {
-                        response.setTo((JID)null);
-                    }
                }
-                // Otherwise set query
                else {
-                    if (query.elements().isEmpty()) {
+                    String username = query.elementTextTrim("username");
-                        // Anonymous authentication
+                    // Login authentication
-                        response = anonymousLogin(session, packet);
+                    String password = query.elementTextTrim("password");
+                    String digest = null;
+                    if (query.element("digest") != null) {
+                        digest = query.elementTextTrim("digest").toLowerCase();
                    }
-                    else {
-                        String username = query.elementTextTrim("username");
-                        // Login authentication
-                        String password = query.elementTextTrim("password");
-                        String digest = null;
-                        if (query.element("digest") != null) {
-                            digest = query.elementTextTrim("digest").toLowerCase();
-                        }
-                        // If we're already logged in, this is a password reset
+                    // If we're already logged in, this is a password reset
-                        if (session.getStatus() == Session.STATUS_AUTHENTICATED) {
+                    if (session.getStatus() == Session.STATUS_AUTHENTICATED) {
-                            response = passwordReset(password, packet, username, session);
+                        response = passwordReset(password, packet, username, session);
-                        }
+                    }
-                        else {
+                    else {
-                            // it is an auth attempt
+                        // it is an auth attempt
-                            response =
+                        response =
-                                    login(username, query, packet, response, password, session,
+                                login(username, query, packet, response, password, session,
-                                            digest);
+                                        digest);
-                        }
                    }
                }
            }
-            catch (UserNotFoundException e) {
-                response = IQ.createResultIQ(packet);
-                response.setChildElement(packet.getChildElement().createCopy());
-                response.setError(PacketError.Condition.not_authorized);
-            }
-            catch (UnauthorizedException e) {
-                response = IQ.createResultIQ(packet);
-                response.setChildElement(packet.getChildElement().createCopy());
-                response.setError(PacketError.Condition.not_authorized);
-            }
-            // Send the response directly since we want to be sure that we are sending it back
-            // to the correct session. Any other session of the same user but with different
-            // resource is incorrect.
-            session.process(response);
        }
-        catch (Exception e) {
+        catch (UserNotFoundException e) {
-            Log.error("Error handling authentication IQ packet", e);
+            response = IQ.createResultIQ(packet);
+            response.setChildElement(packet.getChildElement().createCopy());
+            response.setError(PacketError.Condition.not_authorized);
+        }
+        catch (UnauthorizedException e) {
+            response = IQ.createResultIQ(packet);
+            response.setChildElement(packet.getChildElement().createCopy());
+            response.setError(PacketError.Condition.not_authorized);
        }
+        // Send the response directly since we want to be sure that we are sending it back
+        // to the correct session. Any other session of the same user but with different
+        // resource is incorrect.
+        session.process(response);
        return null;
    }
@@ -189,7 +184,7 @@ public class IQAuthHandler extends IQHandler implements IQAuthInfo {
        // If a session already exists with the requested JID, then check to see
        // if we should kick it off or refuse the new connection
        if (sessionManager.isActiveRoute(username, resource)) {
-            ClientSession oldSession = null;
+            ClientSession oldSession;
            try {
                String domain = localServer.getServerInfo().getName();
                oldSession = sessionManager.getSession(username, domain, resource);
@@ -260,7 +255,7 @@ public class IQAuthHandler extends IQHandler implements IQAuthInfo {
    }
    private IQ anonymousLogin(ClientSession session, IQ packet) {
-        IQ response = IQ.createResultIQ(packet);;
+        IQ response = IQ.createResultIQ(packet);
        if (anonymousAllowed) {
            session.setAnonymousAuth();
            response.setTo(session.getAddress());

--- a/src/java/org/jivesoftware/wildfire/handler/IQHandler.java
+++ b/src/java/org/jivesoftware/wildfire/handler/IQHandler.java
@@ -11,11 +11,11 @@
 package org.jivesoftware.wildfire.handler;
+import org.jivesoftware.util.LocaleUtils;
+import org.jivesoftware.util.Log;
 import org.jivesoftware.wildfire.*;
 import org.jivesoftware.wildfire.auth.UnauthorizedException;
 import org.jivesoftware.wildfire.container.BasicModule;
-import org.jivesoftware.util.LocaleUtils;
-import org.jivesoftware.util.Log;
 import org.xmpp.packet.IQ;
 import org.xmpp.packet.Packet;
 import org.xmpp.packet.PacketError;
@@ -45,9 +45,9 @@ public abstract class IQHandler extends BasicModule implements ChannelHandler {
    public void process(Packet packet) throws PacketException {
        IQ iq = (IQ) packet;
        try {
-            iq = handleIQ(iq);
+            IQ reply = handleIQ(iq);
-            if (iq != null) {
+            if (reply != null) {
-                deliverer.deliver(iq);
+                deliverer.deliver(reply);
            }
        }
        catch (org.jivesoftware.wildfire.auth.UnauthorizedException e) {
@@ -56,10 +56,7 @@ public abstract class IQHandler extends BasicModule implements ChannelHandler {
                    IQ response = IQ.createResultIQ(iq);
                    response.setChildElement(iq.getChildElement().createCopy());
                    response.setError(PacketError.Condition.not_authorized);
-                    Session session = sessionManager.getSession(iq.getFrom());
+                    sessionManager.getSession(iq.getFrom()).process(response);
-                    if (!session.getConnection().isClosed()) {
-                        session.process(response);
-                    }
                }
                catch (Exception de) {
                    Log.error(LocaleUtils.getLocalizedString("admin.error"), de);
@@ -69,6 +66,15 @@ public abstract class IQHandler extends BasicModule implements ChannelHandler {
        }
        catch (Exception e) {
            Log.error(LocaleUtils.getLocalizedString("admin.error"), e);
+            try {
+                IQ response = IQ.createResultIQ(iq);
+                response.setChildElement(iq.getChildElement().createCopy());
+                response.setError(PacketError.Condition.internal_server_error);
+                sessionManager.getSession(iq.getFrom()).process(response);
+            }
+            catch (Exception e1) {
+                // Do nothing
+            }
        }
    }