Commit ef446df2 authored by Alex Wenckus's avatar Alex Wenckus Committed by alex

Added SASL mechanisms to session creation response.

git-svn-id: http://svn.igniterealtime.org/svn/repos/wildfire/branches@5897 b35dd754-fafc-0310-a699-88a17e54d16e
parent 4b2ad759
......@@ -15,6 +15,7 @@ import org.jivesoftware.wildfire.StreamID;
import org.jivesoftware.wildfire.Connection;
import org.jivesoftware.wildfire.XMPPServer;
import org.jivesoftware.wildfire.net.VirtualConnection;
import org.jivesoftware.wildfire.net.SASLAuthentication;
import org.jivesoftware.wildfire.auth.UnauthorizedException;
import org.xmpp.packet.Packet;
import org.xmpp.packet.Message;
......@@ -111,6 +112,11 @@ public class HttpSession extends ClientSession {
public Collection<Element> getAvailableStreamFeaturesElements() {
List<Element> elements = new ArrayList<Element>();
Element sasl = SASLAuthentication.getSASLMechanismsElement(this);
if(sasl != null) {
elements.add(sasl);
}
// Include Stream Compression Mechanism
if (conn.getCompressionPolicy() != Connection.CompressionPolicy.disabled &&
!conn.isCompressed()) {
......
......@@ -12,6 +12,9 @@
package org.jivesoftware.wildfire.net;
import org.dom4j.Element;
import org.dom4j.DocumentHelper;
import org.dom4j.QName;
import org.dom4j.Namespace;
import org.jivesoftware.util.JiveGlobals;
import org.jivesoftware.util.Log;
import org.jivesoftware.util.StringUtils;
......@@ -147,6 +150,43 @@ public class SASLAuthentication {
return sb.toString();
}
public static Element getSASLMechanismsElement(Session session) {
if (!(session instanceof ClientSession) && !(session instanceof IncomingServerSession)) {
return null;
}
Element mechs = DocumentHelper.createElement(new QName("mechanisms",
new Namespace("", "urn:ietf:params:xml:ns:xmpp-sasl")));
if (session instanceof IncomingServerSession) {
// Server connections dont follow the same rules as clients
if (session.getConnection().isSecure()) {
// Offer SASL EXTERNAL only if TLS has already been negotiated
Element mechanism = mechs.addElement("mechanism");
mechanism.setText("EXTERNAL");
}
}
else {
for (String mech : mechanisms) {
if (mech.equals("CRAM-MD5") || mech.equals("DIGEST-MD5")) {
// Check if the user provider in use supports passwords retrieval. Accessing
// to the users passwords will be required by the CallbackHandler
if (!AuthFactory.getAuthProvider().supportsPasswordRetrieval()) {
continue;
}
}
else if (mech.equals("ANONYMOUS")) {
// Check anonymous is supported
if (!XMPPServer.getInstance().getIQAuthHandler().isAnonymousAllowed()) {
continue;
}
}
Element mechanism = mechs.addElement("mechanism");
mechanism.setText(mech);
}
}
return mechs;
}
/**
* Handles the SASL authentication packet. The entity may be sending an initial
* authentication request or a response to a challenge made by the server. The returned
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment