Reverted initial fix and now IQAuthHandler verifies if passwords can be modified. JM-1532

git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/trunk@11136 b35dd754-fafc-0310-a699-88a17e54d16e

src/java/org/jivesoftware/openfire/handler/IQAuthHandler.java

@@ -66,6 +66,7 @@ public class IQAuthHandler extends IQHandler implements IQAuthInfo {
     private String serverName;
     private UserManager userManager;
     private RoutingTable routingTable;
+    private IQRegisterHandler registerHandler;
 
     /**
      * Clients are not authenticated when accessing this handler.
@@ -293,7 +294,8 @@ public class IQAuthHandler extends IQHandler implements IQAuthInfo {
             throws UnauthorizedException
     {
         IQ response;
-        if (password == null || password.length() == 0) {
+        // Check if users can change their passwords and a password was specified
+        if (!registerHandler.canChangePassword() || password == null || password.length() == 0) {
             throw new UnauthorizedException();
         }
         else {
@@ -370,6 +372,7 @@ public class IQAuthHandler extends IQHandler implements IQAuthInfo {
         super.initialize(server);
         userManager = server.getUserManager();
         routingTable = server.getRoutingTable();
+        registerHandler = server.getIQRegisterHandler();
         serverName = server.getServerInfo().getXMPPDomain();
     }
 

src/java/org/jivesoftware/openfire/handler/IQRegisterHandler.java

@@ -12,10 +12,6 @@
 
 package org.jivesoftware.openfire.handler;
 
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.List;
-
 import org.dom4j.DocumentHelper;
 import org.dom4j.Element;
 import org.dom4j.QName;
@@ -43,6 +39,10 @@ import org.xmpp.packet.JID;
 import org.xmpp.packet.PacketError;
 import org.xmpp.packet.StreamError;
 
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
 /**
  * Implements the TYPE_IQ jabber:iq:register protocol (plain only). Clients
  * use this protocol to register a user account with the server.
@@ -147,7 +147,7 @@ public class IQRegisterHandler extends IQHandler implements ServerFeaturesProvid
         // See if in-band registration should be enabled (default is true).
         registrationEnabled = JiveGlobals.getBooleanProperty("register.inband", true);
         // See if users can change their passwords (default is true).
-        canChangePassword = JiveGlobals.getBooleanProperty("xmpp.auth.iqauth", true);
+        canChangePassword = JiveGlobals.getBooleanProperty("register.password", true);
     }
 
     public IQ handleIQ(IQ packet) throws PacketException, UnauthorizedException {
@@ -446,7 +446,7 @@ public class IQRegisterHandler extends IQHandler implements ServerFeaturesProvid
 
     public void setCanChangePassword(boolean allowed) {
         canChangePassword = allowed;
-        JiveGlobals.setProperty("xmpp.auth.iqauth", canChangePassword ? "true" : "false");
+        JiveGlobals.setProperty("register.password", canChangePassword ? "true" : "false");
     }
 
     public IQHandlerInfo getInfo() {