OF-749: Upgrade bouncy castle from 1.49 to 1.50

Jitsvideobridge plugin. Upgrade to latest videobridge code

git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/trunk@13968 b35dd754-fafc-0310-a699-88a17e54d16e

build/lib/versions.txt

@@ -3,9 +3,9 @@ Name                                |  Version
 ant.jar                             | Jetty 6.1.0 (1.6.5)                                          | Apache 2.0
 ant-contrib.jar                     | 1.0b1                                                        | Apache 2.0
 ant-subdirtask.jar                  | Revision 1.4 (CVS)                                           |
-bcpg-jdk15on.jar                    | 1.49	                                                   | See http://www.bouncycastle.org/licence.html
-bcpkix-jdk15on.jar                  | 1.49	                                                   | See http://www.bouncycastle.org/licence.html
-bcprov-jdk15on.jar                  | 1.49                                                         | See http://www.bouncycastle.org/licence.html
+bcpg-jdk15on.jar                    | 1.50	                                                   | See http://www.bouncycastle.org/licence.html
+bcpkix-jdk15on.jar                  | 1.50	                                                   | See http://www.bouncycastle.org/licence.html
+bcprov-jdk15on.jar                  | 1.50                                                         | See http://www.bouncycastle.org/licence.html
 cglib.jar                           | 2.1.3 (JMock 2.1.0)                                          |
 commons-lang.jar                    | 2.3                                                          | Apache 2.0
 commons-logging.jar                 | Jetty 5.1.10                                                 | Apache 2.0

src/plugins/jitsivideobridge/changelog.html

@@ -44,6 +44,13 @@
 Jitsi Video Bridge Plugin Changelog
 </h1>
 
+<p><b>1.2.2</b> -- Feb 19th, 2014</p>
+
+<ul>
+     <li>Added username/password protection on web applications</li>
+     <li>OF-749: Upgraded bouncy castle libraries from 1.49 to 1.50</li>
+</ul>
+
 <p><b>1.2.1</b> -- Feb 17th, 2014</p>
 
 <ul>

src/plugins/jitsivideobridge/plugin.xml

@@ -4,9 +4,9 @@
     <class>org.jitsi.videobridge.openfire.PluginImpl</class>
     <description>Integrates Jitsi Video Bridge into Openfire.</description>
     <licenseType>LGPL</licenseType>
-    <minServerVersion>3.9.0</minServerVersion>
+    <minServerVersion>3.9.2</minServerVersion>
     <name>Jitsi Video Bridge</name>
-    <version>1.2.1</version>
+    <version>1.3.0</version>
 
    <adminconsole>
         <tab id="tab-server">

src/plugins/jitsivideobridge/src/i18n/jitsivideobridge_i18n.properties

@@ -7,3 +7,5 @@ config.page.configuration.max.port=Max port used for media
 config.page.configuration.submit=Save
 config.page.configuration.error.minport=Invalid min port value
 config.page.configuration.error.maxport=Invalid max port value
+config.page.configuration.username=Username for web applications
+config.page.configuration.password=Password for web applications

src/plugins/jitsivideobridge/src/java/org/jitsi/videobridge/openfire/PluginImpl.java

@@ -51,6 +51,9 @@ import org.eclipse.jetty.server.handler.ContextHandlerCollection;
 import org.eclipse.jetty.servlet.ServletContextHandler;
 import org.eclipse.jetty.servlet.ServletHolder;
 import org.eclipse.jetty.webapp.WebAppContext;
+import org.eclipse.jetty.http.security.*;
+import org.eclipse.jetty.security.*;
+import org.eclipse.jetty.security.authentication.*;
 
 import org.dom4j.*;
 import org.jitsi.videobridge.*;
@@ -93,6 +96,16 @@ public class PluginImpl  implements Plugin, PropertyEventListener
      */
     public static final String VIDEO_CONFERENCE_PROPERTY_NAME = "org.jitsi.videobridge.video.conference.name";
 
+    /**
+     * The name of the property that contains the security username for basic authentication
+     */
+    public static final String USERNAME_PROPERTY_NAME = "org.jitsi.videobridge.security.username";
+
+    /**
+     * The name of the property that contains the security password for basic authentication
+     */
+    public static final String PASSWORD_PROPERTY_NAME = "org.jitsi.videobridge.security.password";
+
     /**
      * The name of the property that contains the maximum port number that we'd
      * like our RTP managers to bind upon.
@@ -215,6 +228,14 @@ public class PluginImpl  implements Plugin, PropertyEventListener
 			WebAppContext context = new WebAppContext(contexts, pluginDirectory.getPath(), "/" + appName);
 			context.setWelcomeFiles(new String[]{"index.html"});
 
+			String username = JiveGlobals.getProperty(USERNAME_PROPERTY_NAME, null);
+			String password = JiveGlobals.getProperty(PASSWORD_PROPERTY_NAME, "jitsi");
+
+			if (username != null)
+			{
+				context.setSecurityHandler(basicAuth(username, password, "Private!"));
+			}
+
 			createIQHandlers();
 
 		}
@@ -267,6 +288,34 @@ public class PluginImpl  implements Plugin, PropertyEventListener
         }
     }
 
+    /**
+
+     */
+    private static final SecurityHandler basicAuth(String username, String password, String realm) {
+
+    	HashLoginService l = new HashLoginService();
+        l.putUser(username, Credential.getCredential(password), new String[] {"user"});
+        l.setName(realm);
+
+        Constraint constraint = new Constraint();
+        constraint.setName(Constraint.__BASIC_AUTH);
+        constraint.setRoles(new String[]{"user"});
+        constraint.setAuthenticate(true);
+
+        ConstraintMapping cm = new ConstraintMapping();
+        cm.setConstraint(constraint);
+        cm.setPathSpec("/*");
+
+        ConstraintSecurityHandler csh = new ConstraintSecurityHandler();
+        csh.setAuthenticator(new BasicAuthenticator());
+        csh.setRealmName("myrealm");
+        csh.addConstraintMapping(cm);
+        csh.setLoginService(l);
+
+        return csh;
+
+    }
+
     /**
      * Checks whether we have folder with extracted natives, if missing
      * find the appropriate jar file and extract them. Normally this is

src/plugins/jitsivideobridge/src/web/jitsi-videobridge.jsp

@@ -62,6 +62,12 @@
                     "jitsivideobridge");
             }
         }
+        
+	String username = request.getParameter("username"); 
+        JiveGlobals.setProperty(PluginImpl.USERNAME_PROPERTY_NAME, username);	
+        
+	String password = request.getParameter("password"); 	
+        JiveGlobals.setProperty(PluginImpl.PASSWORD_PROPERTY_NAME, password);		
     }
 
 %>
@@ -104,6 +110,22 @@
                            value="<%=plugin.getMaxPort()%>"/>
                 </td>
             </tr>
+            <tr>
+                <td><label class="jive-label"><fmt:message key="config.page.configuration.username"/>:</label><br>
+                </td>
+                <td align="left">
+                    <input name="username" type="text" maxlength="16" size="16"
+                           value="<%=JiveGlobals.getProperty(PluginImpl.USERNAME_PROPERTY_NAME, "jitsi")%>"/>
+                </td>
+            </tr>     
+            <tr>
+                <td><label class="jive-label"><fmt:message key="config.page.configuration.password"/>:</label><br>
+                </td>
+                <td align="left">
+                    <input name="password" type="password" maxlength="16" size="16"
+                           value="<%=JiveGlobals.getProperty(PluginImpl.PASSWORD_PROPERTY_NAME, "jitsi")%>"/>
+                </td>
+            </tr>             
             <tr>
                 <th colspan="2"><input type="submit" name="update"
                                        value="<fmt:message key="config.page.configuration.submit" />"></th>