OF-892: The admin panel should give a visual clue for mutual authentication usage.

ca2d61ef · Guus der Kinderen · 20be3766 · ca2d61ef · ca2d61ef · ca2d61ef
Commit ca2d61ef authored Mar 27, 2015 by Guus der Kinderen
4 changed files
--- a/src/java/org/jivesoftware/openfire/session/LocalSession.java
+++ b/src/java/org/jivesoftware/openfire/session/LocalSession.java
@@ -17,6 +17,7 @@
 package org.jivesoftware.openfire.session;

 import java.net.UnknownHostException;
+import java.security.cert.Certificate;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
@@ -354,6 +355,10 @@ public abstract class LocalSession implements Session {
        return conn.isSecure();
    }

+    public Certificate[] getPeerCertificates() {
+        return conn.getPeerCertificates();
+    }
+
    public boolean isClosed() {
        return conn.isClosed();
    }

--- a/src/java/org/jivesoftware/openfire/session/Session.java
+++ b/src/java/org/jivesoftware/openfire/session/Session.java
@@ -26,6 +26,7 @@ import org.xmpp.packet.JID;
 import org.xmpp.packet.Packet;

 import java.net.UnknownHostException;
+import java.security.cert.Certificate;
 import java.util.Date;

 /**
@@ -135,6 +136,13 @@ public interface Session extends RoutableChannelHandler {
     */
    public boolean isSecure();

+    /**
+     * Returns the peer certificates associated with this session, if any.
+     *
+     * @return certificates, possibly empty or null.
+     */
+    public Certificate[] getPeerCertificates();
+
    /**
     * Returns the IP address string in textual presentation.
     *

--- a/src/web/images/lock_both.gif
+++ b/src/web/images/lock_both.gif
--- a/src/web/session-row.jspf
+++ b/src/web/session-row.jspf
@@ -68,15 +68,17 @@

        <%  } %>
    </td>
-    <%  if (sess.isSecure()) { %>
-        <td width="1%">
-            <img src="images/lock.gif" width="16" height="16" border="0"
-            title="<fmt:message key='session.row.cliked_ssl' />" alt="<fmt:message key='session.row.cliked_ssl' />">
-        </td>
-     <% } else { %>
-        <td width="1%"><img src="images/blank.gif" width="1" height="1" alt=""></td>
-     <% } %>
-
+    <td width="1%">
+        <%  if (sess.isSecure()) {
+                if (sess.getPeerCertificates() != null && sess.getPeerCertificates().length > 0) { %>
+                    <img src="images/lock_both.gif" width="16" height="16" border="0" title="<fmt:message key='session.row.cliked_ssl' /> (mutual authentication)" alt="<fmt:message key='session.row.cliked_ssl' /> (mutual authentication)">
+        <%      } else { %>
+                    <img src="images/lock.gif" width="16" height="16" border="0" title="<fmt:message key='session.row.cliked_ssl' />" alt="<fmt:message key='session.row.cliked_ssl' />">
+        <%      }
+            } else { %>
+                    <img src="images/blank.gif" width="1" height="1" alt="">
+     <%     } %>
+    </td>
    <%  Presence.Show _show = sess.getPresence().getShow();
        String _stat = sess.getPresence().getStatus();
        if (!sess.getPresence().isAvailable()) {