Commit fa666d77 authored by Guus der Kinderen's avatar Guus der Kinderen

Created replacement for Client Connection admin page

parent b6ba74f8
......@@ -22,6 +22,7 @@ import java.util.*;
public class ConnectionConfiguration
{
private final Logger Log;
private final boolean enabled;
private final ConnectionType type;
private final int maxThreadPoolSize;
private final int maxBufferSize;
......@@ -329,6 +330,7 @@ public class ConnectionConfiguration
/**
* @param type
* @param enabled
* @param maxThreadPoolSize The maximum number of threads that are to be used to processing network activity. Must be equal to or larger than one.
* @param maxBufferSize The maximum amount of bytes of the read buffer that I/O processor allocates per each read, or a non-positive value to configure no maximum.
* @param clientAuth specification if peers should be authenticated ('mutual authentication') (cannot be null).
......@@ -337,7 +339,7 @@ public class ConnectionConfiguration
* @param tlsPolicy The TLS policy that is applied to connections (cannot be null).
*/
// TODO input validation
public ConnectionConfiguration( ConnectionType type, int maxThreadPoolSize, int maxBufferSize, Connection.ClientAuth clientAuth, InetAddress bindAddress, int port, Connection.TLSPolicy tlsPolicy, CertificateStoreConfiguration identityStoreConfiguration, CertificateStoreConfiguration trustStoreConfiguration, boolean acceptSelfSignedCertificates, boolean verifyCertificateValidity, Set<String> encryptionProtocolsEnabled, Set<String> encryptionProtocolsDisabled, Set<String> cipherSuitesEnabled, Set<String> cipherSuitesDisabled )
public ConnectionConfiguration( ConnectionType type, boolean enabled, int maxThreadPoolSize, int maxBufferSize, Connection.ClientAuth clientAuth, InetAddress bindAddress, int port, Connection.TLSPolicy tlsPolicy, CertificateStoreConfiguration identityStoreConfiguration, CertificateStoreConfiguration trustStoreConfiguration, boolean acceptSelfSignedCertificates, boolean verifyCertificateValidity, Set<String> encryptionProtocolsEnabled, Set<String> encryptionProtocolsDisabled, Set<String> cipherSuitesEnabled, Set<String> cipherSuitesDisabled )
{
if ( maxThreadPoolSize <= 0 ) {
throw new IllegalArgumentException( "Argument 'maxThreadPoolSize' must be equal to or greater than one." );
......@@ -346,6 +348,7 @@ public class ConnectionConfiguration
throw new IllegalArgumentException( "Argument 'clientAuth' cannot be null." );
}
this.enabled = enabled;
this.tlsPolicy = tlsPolicy;
this.type = type;
this.maxThreadPoolSize = maxThreadPoolSize;
......@@ -521,4 +524,9 @@ public class ConnectionConfiguration
{
return trustStore;
}
public boolean isEnabled()
{
return enabled;
}
}
......@@ -2,12 +2,9 @@ package org.jivesoftware.openfire.spi;
import org.apache.mina.transport.socket.nio.NioSocketAcceptor;
import org.jivesoftware.openfire.Connection;
import org.jivesoftware.openfire.ConnectionManager;
import org.jivesoftware.openfire.ServerPort;
import org.jivesoftware.openfire.XMPPServer;
import org.jivesoftware.openfire.keystore.CertificateStore;
import org.jivesoftware.openfire.keystore.CertificateStoreConfiguration;
import org.jivesoftware.openfire.keystore.CertificateStoreManager;
import org.jivesoftware.openfire.net.SocketConnection;
import org.jivesoftware.util.JiveGlobals;
import org.slf4j.Logger;
......@@ -156,14 +153,7 @@ public class ConnectionListener
}
JiveGlobals.setProperty( isEnabledPropertyName, Boolean.toString( enable ) );
if ( isRunning )
{
start();
}
else
{
stop();
}
restart();
}
/**
......@@ -249,31 +239,13 @@ public class ConnectionListener
maxBufferSize = -1; // No upper bound.
}
Connection.ClientAuth clientAuth;
if ( clientAuthPolicyPropertyName == null )
{
clientAuth = Connection.ClientAuth.disabled;
}
else
{
try
{
final String value = JiveGlobals.getProperty( clientAuthPolicyPropertyName, Connection.ClientAuth.disabled.name() );
clientAuth = Connection.ClientAuth.valueOf( value );
}
catch ( IllegalArgumentException e )
{
Log.warn( "Invalid client auth value. A default will be used.", e );
clientAuth = Connection.ClientAuth.wanted;
}
}
// Take the current state of this instance, and create a new configuration.
return new ConnectionConfiguration(
getType(),
isEnabled(),
maxThreadPoolSize,
maxBufferSize,
clientAuth,
getClientAuth(),
getBindAddress(),
getPort(),
getTLSPolicy(),
......@@ -423,6 +395,42 @@ public class ConnectionListener
restart();
}
public Connection.ClientAuth getClientAuth()
{
Connection.ClientAuth clientAuth;
if ( clientAuthPolicyPropertyName == null )
{
clientAuth = Connection.ClientAuth.disabled;
}
else
{
final String value = JiveGlobals.getProperty( clientAuthPolicyPropertyName, Connection.ClientAuth.disabled.name() );
try
{
clientAuth = Connection.ClientAuth.valueOf( value );
}
catch ( IllegalArgumentException e )
{
Log.error( "Error parsing property value of '{}' into a valid ClientAUth. Offending value: '{}'.", value, clientAuthPolicyPropertyName, e );
clientAuth = Connection.ClientAuth.disabled;
}
}
return clientAuth;
}
public void setClientAuth( Connection.ClientAuth clientAuth )
{
final Connection.ClientAuth oldValue = getClientAuth();
if ( oldValue.equals( clientAuth ) )
{
Log.debug( "Ignoring client auth configuration change request (to '{}'): listener already in this state.", clientAuth );
return;
}
Log.debug( "Changing client auth configuration from '{}' to '{}'.", oldValue, clientAuth );
JiveGlobals.setProperty( tlsPolicyPropertyName, clientAuth.toString() );
restart();
}
/**
* Returns the applicable TLS policy, but only when it is hardcoded (and inconfigurable).
* @return a policy or null.
......
<%@ page import="org.jivesoftware.openfire.spi.ConnectionConfiguration" %>
<%@ page import="org.jivesoftware.openfire.spi.ConnectionManagerImpl" %>
<%@ page import="org.jivesoftware.openfire.XMPPServer" %>
<%@ page import="org.jivesoftware.openfire.spi.ConnectionType" %>
<%@ page import="org.jivesoftware.openfire.spi.ConnectionListener" %>
<%@ page import="org.jivesoftware.util.ParamUtils" %>
<%@ page import="org.jivesoftware.openfire.Connection" %>
<%@ page import="org.jivesoftware.util.JiveGlobals" %>
<%@ page import="org.jivesoftware.openfire.session.ConnectionSettings" %>
<%@ page import="java.util.HashMap" %>
<%@ page import="java.util.Map" %>
<%@ page errorPage="error.jsp" %>
<%@ taglib uri="admin" prefix="admin" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt" %>
<jsp:useBean id="webManager" class="org.jivesoftware.util.WebManager" />
<% webManager.init(request, response, session, application, out ); %>
<%
final ConnectionType connectionType = ConnectionType.SOCKET_C2S;
final ConnectionManagerImpl manager = (ConnectionManagerImpl) XMPPServer.getInstance().getConnectionManager();
final ConnectionConfiguration plaintextConfiguration = manager.getConfiguration( connectionType, false );
final ConnectionConfiguration legacymodeConfiguration = manager.getConfiguration( connectionType, true );
final boolean update = request.getParameter( "update" ) != null;
final Map<String, String> errors = new HashMap<>();
if ( update && errors.isEmpty() )
{
// plaintext
final boolean plaintextEnabled = ParamUtils.getBooleanParameter( request, "plaintext-enabled" );
final int plaintextTcpPort = ParamUtils.getIntParameter( request, "plaintext-tcpPort", plaintextConfiguration.getPort() );
final int plaintextReadBuffer = ParamUtils.getIntParameter( request, "plaintext-readBuffer", plaintextConfiguration.getMaxBufferSize() );
final String plaintextTlsPolicyText = ParamUtils.getParameter( request, "plaintext-tlspolicy", true );
final Connection.TLSPolicy plaintextTlsPolicy;
if ( plaintextTlsPolicyText == null || plaintextTlsPolicyText.isEmpty() ) {
plaintextTlsPolicy = plaintextConfiguration.getTlsPolicy();
} else {
plaintextTlsPolicy = Connection.TLSPolicy.valueOf( plaintextTlsPolicyText );
}
final String plaintextMutualAuthenticationText = ParamUtils.getParameter( request, "plaintext-mutualauthentication", true );
final Connection.ClientAuth plaintextMutualAuthentication;
if ( plaintextMutualAuthenticationText == null || plaintextMutualAuthenticationText.isEmpty() ) {
plaintextMutualAuthentication = plaintextConfiguration.getClientAuth();
} else {
plaintextMutualAuthentication = Connection.ClientAuth.valueOf( plaintextMutualAuthenticationText );
}
final int plaintextListenerMaxThreads = ParamUtils.getIntParameter( request, "plaintext-maxThreads", plaintextConfiguration.getMaxThreadPoolSize() );
// legacymode
final boolean legacymodeEnabled = ParamUtils.getBooleanParameter( request, "legacymode-enabled" );
final int legacymodeTcpPort = ParamUtils.getIntParameter( request, "legacymode-tcpPort", legacymodeConfiguration.getPort() );
final int legacymodeReadBuffer = ParamUtils.getIntParameter( request, "legacymode-readBuffer", legacymodeConfiguration.getMaxBufferSize() );
final String legacymodeMutualAuthenticationText = ParamUtils.getParameter( request, "legacymode-mutualauthentication", true );
final Connection.ClientAuth legacymodeMutualAuthentication;
if ( legacymodeMutualAuthenticationText == null || legacymodeMutualAuthenticationText.isEmpty() ) {
legacymodeMutualAuthentication = legacymodeConfiguration.getClientAuth();
} else {
legacymodeMutualAuthentication = Connection.ClientAuth.valueOf( legacymodeMutualAuthenticationText );
}
final int legacymodeListenerMaxThreads = ParamUtils.getIntParameter( request, "legacymode-maxThreads", legacymodeConfiguration.getMaxThreadPoolSize() );
// Apply
final ConnectionListener plaintextListener = manager.getListener( connectionType, false );
final ConnectionListener legacymodeListener = manager.getListener( connectionType, true );
plaintextListener.enable( plaintextEnabled );
plaintextListener.setPort( plaintextTcpPort );
// TODO: plaintextListener.setMaxBufferSize( plaintextReadBuffer );
plaintextListener.setTLSPolicy( plaintextTlsPolicy );
plaintextListener.setClientAuth( plaintextMutualAuthentication );
// TODO: plaintextListener.setMaxThreadPoolSize( plaintextListenerMaxThreads);
legacymodeListener.enable( legacymodeEnabled );
legacymodeListener.setPort( legacymodeTcpPort );
// TODO: legacymodeListener.setMaxBufferSize( legacymodeReadBuffer );
legacymodeListener.setClientAuth( legacymodeMutualAuthentication );
// TODO: legacymodeListener.setMaxThreadPoolSize( legacymodeListenerMaxThreads);
// Log the event
webManager.logEvent( "Updated connection settings for " + connectionType, "Applied configuration to plain-text as well as legacy-mode connection listeners." );
response.sendRedirect( "connection-settings-socket-c2s.jsp?success=true" );
// TODO below is the 'idle connection' handing. This should go into the connection configuration, like all other configuration.
final int clientIdle = 1000* ParamUtils.getIntParameter(request, "clientIdle", -1);
final boolean idleDisco = ParamUtils.getBooleanParameter(request, "idleDisco");
final boolean pingIdleClients = ParamUtils.getBooleanParameter(request, "pingIdleClients");
if (!idleDisco) {
JiveGlobals.setProperty( ConnectionSettings.Client.IDLE_TIMEOUT, "-1" );
} else {
JiveGlobals.setProperty( ConnectionSettings.Client.IDLE_TIMEOUT, String.valueOf( clientIdle ) );
}
JiveGlobals.setProperty( ConnectionSettings.Client.KEEP_ALIVE_PING, String.valueOf( pingIdleClients ) );
webManager.logEvent("set server property " + ConnectionSettings.Client.IDLE_TIMEOUT, ConnectionSettings.Client.IDLE_TIMEOUT + " = " + clientIdle);
webManager.logEvent("set server property " + ConnectionSettings.Client.KEEP_ALIVE_PING, ConnectionSettings.Client.KEEP_ALIVE_PING + " = " + pingIdleClients);
return;
}
pageContext.setAttribute( "errors", errors );
pageContext.setAttribute( "plaintextConfiguration", plaintextConfiguration );
pageContext.setAttribute( "legacymodeConfiguration", legacymodeConfiguration );
pageContext.setAttribute( "clientIdle", JiveGlobals.getIntProperty( ConnectionSettings.Client.IDLE_TIMEOUT, 6*60*1000 ) );
pageContext.setAttribute( "pingIdleClients", JiveGlobals.getBooleanProperty( ConnectionSettings.Client.KEEP_ALIVE_PING, true) );
%>
<html>
<head>
<title><fmt:message key="client.connections.settings.title"/></title>
<meta name="pageID" content="client-connections-settings"/>
<script type="text/javascript">
// Displays or hides the configuration block for a particular connection type, based on the status of the
// 'enable' checkbox for that connection type.
function applyDisplayable( connectionType )
{
var configBlock, enabled;
// Select the right configuration block and enable or disable it as defined by the the corresponding checkbox.
configBlock = document.getElementById( connectionType + "-config" );
enabled = document.getElementById( connectionType + "-enabled" ).checked;
if ( ( configBlock != null ) && ( enabled != null ) )
{
if ( enabled )
{
configBlock.style.display = "block";
}
else
{
configBlock.style.display = "none";
}
}
}
// Ensure that the various elements are set properly when the page is loaded.
window.onload = function()
{
applyDisplayable( "plaintext" );
applyDisplayable( "legacymode" );
};
</script>
</head>
<body>
<c:if test="${param.success}">
<admin:infoBox type="success"><fmt:message key="client.connections.settings.confirm.updated" /></admin:infoBox>
</c:if>
<p>
<fmt:message key="client.connections.settings.info">
<fmt:param value="<a href=\"session-summary.jsp\">" />
<fmt:param value="</a>" />
</fmt:message>
</p>
<form action="connection-settings-socket-c2s.jsp" method="post">
<admin:contentBox title="Plain-text (with STARTTLS) connections">
<p>Openfire can accept plain-text connections, which, depending on the policy that is configured here, can be upgraded to encrypted connections (using the STARTTLS protocol).</p>
<table cellpadding="3" cellspacing="0" border="0">
<tr valign="middle">
<td>
<input type="checkbox" name="plaintext-enabled" id="plaintext-enabled" onclick="applyDisplayable('plaintext')" ${plaintextConfiguration.enabled ? 'checked' : ''}/><label for="plaintext-enabled">Enabled</label>
</td>
</tr>
</table>
<div id="plaintext-config">
<br/>
<h4>TCP settings</h4>
<table cellpadding="3" cellspacing="0" border="0">
<tr valign="middle">
<td width="1%" nowrap><label for="plaintext-tcpPort">Port number</label></td>
<td width="99%"><input type="text" name="plaintext-tcpPort" id="plaintext-tcpPort" value="${plaintextConfiguration.port}"/></td>
</tr>
<tr valign="middle">
<td width="1%" nowrap><label for="plaintext-readBuffer">Read buffer</label></td>
<td width="99%"><input type="text" name="plaintext-readBuffer" id="plaintext-readBuffer" value="${plaintextConfiguration.maxBufferSize}" readonly/> (in bytes)</td>
</tr>
</table>
<br/>
<h4>STARTTLS policy</h4>
<table cellpadding="3" cellspacing="0" border="0">
<tr valign="middle">
<td>
<input type="radio" name="plaintext-tlspolicy" value="disabled" id="plaintext-tlspolicy-disabled" ${plaintextConfiguration.tlsPolicy.name() eq 'disabled' ? 'checked' : ''}/>
<label for="plaintext-tlspolicy-disabled"><b>Disabled</b> - Encryption is not allowed.</label>
</td>
</tr>
<tr valign="middle">
<td>
<input type="radio" name="plaintext-tlspolicy" value="optional" id="plaintext-tlspolicy-optional" ${plaintextConfiguration.tlsPolicy.name() eq 'optional' ? 'checked' : ''}/>
<label for="plaintext-tlspolicy-optional"><b>Optional</b> - Encryption may be used, but is not required.</label>
</td>
</tr>
<tr valign="middle">
<td>
<input type="radio" name="plaintext-tlspolicy" value="required" id="plaintext-tlspolicy-required" ${plaintextConfiguration.tlsPolicy.name() eq 'required' ? 'checked' : ''}/>
<label for="plaintext-tlspolicy-required"><b>Required</b> - Connections cannot be established unless they are encrypted.</label>
</td>
</tr>
</table>
<br/>
<h4>Mutual Authentication</h4>
<p>In addition to requiring peers to use encryption (which will force them to verify the security certificates of this Openfire instance) an additional level of security can be enabled. With this option, the server can be configured to verify certificates that are to be provided by the peers. This is commonly referred to as 'mutual authentication'.</p>
<table cellpadding="3" cellspacing="0" border="0">
<tr valign="middle">
<td>
<input type="radio" name="plaintext-mutualauthentication" value="disabled" id="plaintext-mutualauthentication-disabled" ${plaintextConfiguration.clientAuth.name() eq 'disabled' ? 'checked' : ''}/>
<label for="plaintext-mutualauthentication-disabled"><b>Disabled</b> - Peer certificates are not verified.</label>
</td>
</tr>
<tr valign="middle">
<td>
<input type="radio" name="plaintext-mutualauthentication" value="wanted" id="plaintext-mutualauthentication-wanted" ${plaintextConfiguration.clientAuth.name() eq 'wanted' ? 'checked' : ''}/>
<label for="plaintext-mutualauthentication-wanted"><b>Wanted</b> - Peer certificates are verified, but only when they are presented by the peer.</label>
</td>
</tr>
<tr valign="middle">
<td>
<input type="radio" name="plaintext-mutualauthentication" value="needed" id="plaintext-mutualauthentication-needed" ${plaintextConfiguration.clientAuth.name() eq 'needed' ? 'checked' : ''}/>
<label for="plaintext-mutualauthentication-needed"><b>Needed</b> - A connection cannot be established if the peer does not present a valid certificate.</label>
</td>
</tr>
</table>
<br/>
<h4>Miscellaneous settings</h4>
<table cellpadding="3" cellspacing="0" border="0">
<tr valign="middle">
<td width="1%" nowrap><label for="plaintext-maxThreads">Maximum worker threads</label></td>
<td width="99%"><input type="text" name="plaintext-maxThreads" id="plaintext-maxThreads" value="${plaintextConfiguration.maxThreadPoolSize}" readonly/></td>
</tr>
</table>
</div>
</admin:contentBox>
<admin:contentBox title="Encrypted (legacy-mode) connections">
<p>Connections of this type are established using encryption immediately (as opposed to using STARTTLS). This type of connectivity is commonly referred to as the "legacy" method of establishing encrypted communications.</p>
<table cellpadding="3" cellspacing="0" border="0">
<tr valign="middle">
<td><input type="checkbox" name="legacymode-enabled" id="legacymode-enabled" onclick="applyDisplayable('legacymode')" ${legacymodeConfiguration.enabled ? 'checked' : ''}/><label for="legacymode-enabled">Enabled</label></td>
</tr>
</table>
<div id="legacymode-config">
<br/>
<h4>TCP settings</h4>
<table cellpadding="3" cellspacing="0" border="0">
<tr valign="middle">
<td width="1%" nowrap><label for="legacymode-tcpPort">Port number</label></td>
<td width="99%"><input type="text" name="legacymode-tcpPort" id="legacymode-tcpPort" value="${legacymodeConfiguration.port}"></td>
</tr>
<tr valign="middle">
<td width="1%" nowrap><label for="legacymode-readBuffer">Read buffer</label></td>
<td width="99%"><input type="text" name="legacymode-readBuffer" id="legacymode-readBuffer" value="${legacymodeConfiguration.maxBufferSize}" readonly/> (in bytes)</td>
</tr>
</table>
<br/>
<h4>Mutual Authentication</h4>
<p>In addition to requiring peers to use encryption (which will force them to verify the security certificates of this Openfire instance) an additional level of security can be enabled. With this option, the server can be configured to verify certificates that are to be provided by the peers. This is commonly referred to as 'mutual authentication'.</p>
<table cellpadding="3" cellspacing="0" border="0">
<tr valign="middle">
<td>
<input type="radio" name="legacymode-mutualauthentication" value="disabled" id="legacymode-mutualauthentication-disabled" ${legacymodeConfiguration.clientAuth.name() eq 'disabled' ? 'checked' : ''}/>
<label for="legacymode-mutualauthentication-disabled"><b>Disabled</b> - Peer certificates are not verified.</label>
</td>
</tr>
<tr valign="middle">
<td>
<input type="radio" name="legacymode-mutualauthentication" value="wanted" id="legacymode-mutualauthentication-wanted" ${legacymodeConfiguration.clientAuth.name() eq 'optional' ? 'checked' : ''}/>
<label for="legacymode-mutualauthentication-wanted"><b>Wanted</b> - Peer certificates are verified, but only when they are presented by the peer.</label>
</td>
</tr>
<tr valign="middle">
<td>
<input type="radio" name="legacymode-mutualauthentication" value="needed" id="legacymode-mutualauthentication-needed" ${legacymodeConfiguration.clientAuth.name() eq 'required' ? 'checked' : ''}/>
<label for="legacymode-mutualauthentication-needed"><b>Needed</b> - A connection cannot be established if the peer does not present a valid certificate.</label>
</td>
</tr>
</table>
<br/>
<h4>Miscellaneous settings</h4>
<table cellpadding="3" cellspacing="0" border="0">
<tr valign="middle">
<td width="1%" nowrap><label for="legacymode-maxThreads">Maximum worker threads</label></td>
<td width="99%"><input type="text" name="legacymode-maxThreads" id="legacymode-maxThreads" value="${legacymodeConfiguration.maxThreadPoolSize}" readonly/></td>
</tr>
</table>
</div>
</admin:contentBox>
<!-- BEGIN 'Idle Connection Policy' -->
<c:set var="idleTitle">
<fmt:message key="client.connections.settings.idle.title" />
</c:set>
<admin:contentBox title="${idleTitle}">
<p><fmt:message key="client.connections.settings.idle.info" /></p>
<table cellpadding="3" cellspacing="0" border="0" width="100%">
<tbody>
<tr valign="top">
<td width="1%" nowrap class="c1">
<input type="radio" name="idleDisco" value="false" ${clientIdle le 0 ? 'checked' : ''} id="IDL01">
</td>
<td width="99%"><label for="IDL01"><fmt:message key="client.connections.settings.idle.disable" /></label></td>
</tr>
<tr valign="top">
<td width="1%" nowrap class="c1">
<input type="radio" name="idleDisco" value="true" ${clientIdle gt 0 ? 'checked' : ''} id="IDL02">
</td>
<td width="99%">
<label for="IDL02"><fmt:message key="client.connections.settings.idle.enable" /></label>
<br />
<c:if test="${clientIdle gt 0}">
<c:set var="seconds">
<fmt:parseNumber integerOnly="true">${clientIdle div 1000}</fmt:parseNumber>
</c:set>
</c:if>
<input type="text" name="clientIdle" value="${clientIdle gt 0 ? seconds : ''}" size="5" maxlength="5">&nbsp;<fmt:message key="global.seconds" />
<c:if test="${not empty errors['clientIdle']}">
<br/>
<span class="jive-error-text">
<fmt:message key="client.connections.settings.idle.valid_timeout" />.
</span>
</c:if>
</td>
</tr>
<tr><td colspan="2">&nbsp;</td></tr>
<tr>
<td>&nbsp;</td>
<td>
<p><fmt:message key="client.connections.settings.ping.info" />
<fmt:message key="client.connections.settings.ping.footnote" /></p>
<table cellpadding="3" cellspacing="0" border="0" width="100%">
<tbody>
<tr valign="top">
<td width="1%" nowrap class="c1">
<input type="radio" name="pingIdleClients" value="true" ${pingIdleClients ? 'checked' : ''} id="PNG01">
</td>
<td width="99%"><label for="PNG01"><fmt:message key="client.connections.settings.ping.enable" /></label></td>
</tr>
<tr valign="top">
<td width="1%" nowrap class="c1">
<input type="radio" name="pingIdleClients" value="false" ${pingIdleClients ? '' : 'checked'} id="PNG02">
</td>
<td width="99%"><label for="PNG02"><fmt:message key="client.connections.settings.ping.disable" /></label></td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</admin:contentBox>
<!-- END 'Idle Connection Policy' -->
<input type="submit" name="update" value="<fmt:message key="global.save_settings" />">
</form>
</body>
</html>
\ No newline at end of file
......@@ -242,38 +242,29 @@
<title><fmt:message key="ssl.settings.title"/></title>
<meta name="pageID" content="server-ssl"/>
<meta name="helpPage" content="manage_security_certificates.html"/>
<script language="JavaScript" type="text/javascript">
<!-- // code for window popups
function showOrHide(whichLayer, mode)
<script type="text/javascript">
<!-- //
function setEnabled( connectionType )
{
var configBlock, enabled;
if (mode == "show") {
mode = "";
}
else {
mode = "none";
}
// Select the right configuration block and enable or disable it as defined by the the corresponding checkbox.
configBlock = document.getElementById( connectionType + "-config" );
enabled = document.getElementById( connectionType + "-enabled" ).checked;
if (document.getElementById)
{
// this is the way the standards work
var style2 = document.getElementById(whichLayer).style;
style2.display = mode;
}
else if (document.all)
{
// this is the way old msie versions work
var style2 = document.all[whichLayer].style;
style2.display = mode;
}
else if (document.layers)
{
// this is the way nn4 works
var style2 = document.layers[whichLayer].style;
style2.display = mode;
}
if ( ( configBlock != null ) && ( enabled != null ) )
{
if ( enabled )
{
configBlock.style.display = "block";
}
else
{
configBlock.style.display = "none";
}
}
}
//-->
//-->
</script>
</head>
<body>
......@@ -290,205 +281,371 @@
<fmt:message key="ssl.settings.client.info" />
</p>
<!-- BEGIN 'Client Connection Security' -->
<form action="ssl-settings.jsp" method="post">
<div class="jive-contentBox" style="-moz-border-radius: 3px;">
<h4><fmt:message key="ssl.settings.client.legend" /></h4>
<table cellpadding="3" cellspacing="0" border="0">
<tbody>
<tr valign="middle">
<tr valign="middle">
<td width="1%" nowrap>
<input type="radio" name="clientSecurityRequired" value="notreq" id="rb02" onclick="showOrHide('custom', 'hide')"
<%= ("notreq".equals(clientSecurityRequired) ? "checked" : "") %>>
</td>
<td width="99%">
<label for="rb02">
<b><fmt:message key="ssl.settings.client.label_notrequired" /></b> - <fmt:message key="ssl.settings.client.label_notrequired_info" />
</label>
</td>
</tr>
<tr valign="middle">
<td width="1%" nowrap>
<input type="radio" name="clientSecurityRequired" value="req" id="rb01" onclick="showOrHide('custom', 'hide')"
<%= ("req".equals(clientSecurityRequired) ? "checked" : "") %>>
</td>
<td width="99%">
<label for="rb01">
<b><fmt:message key="ssl.settings.client.label_required" /></b> - <fmt:message key="ssl.settings.client.label_required_info" />
</label>
</td>
</tr>
<tr valign="middle">
<td width="1%" nowrap>
<input type="radio" name="clientSecurityRequired" value="custom" id="rb03" onclick="showOrHide('custom', 'show')"
<%= ("custom".equals(clientSecurityRequired) ? "checked" : "") %>>
</td>
<td width="99%">
<label for="rb03">
<b><fmt:message key="ssl.settings.client.label_custom" /></b> - <fmt:message key="ssl.settings.client.label_custom_info" />
</label>
</td>
</tr>
<tr valign="top" id="custom" <% if (!"custom".equals(clientSecurityRequired)) out.write("style=\"display:none\""); %>>
<td width="1%" nowrap>
&nbsp;
</td>
<td width="99%">
<table cellpadding="3" cellspacing="0" border="0">
<tr valign="top">
<td width="1%" nowrap>
<fmt:message key="ssl.settings.client.customSSL" />
</td>
<td width="99%">
<input type="radio" name="ssl" value="disabled" id="rb04" <%= ("disabled".equals(ssl) ? "checked" : "") %>
onclick="this.form.clientSecurityRequired[2].checked=true;">&nbsp;<label for="rb04"><fmt:message key="ssl.settings.notavailable" /></label>&nbsp;&nbsp;
<input type="radio" name="ssl" value="available" id="rb05" <%= ("available".equals(ssl) ? "checked" : "") %>
onclick="this.form.clientSecurityRequired[2].checked=true;">&nbsp;<label for="rb05"><fmt:message key="ssl.settings.available" /></label>
</td>
</tr>
<tr valign="top">
<td width="1%" nowrap>
<fmt:message key="ssl.settings.client.customTLS" />
</td>
<td width="99%">
<input type="radio" name="tls" value="disabled" id="rb06" <%= ("disabled".equals(tls) ? "checked" : "") %>
onclick="this.form.clientSecurityRequired[2].checked=true;">&nbsp;<label for="rb06"><fmt:message key="ssl.settings.notavailable" /></label>&nbsp;&nbsp;
<input type="radio" name="tls" value="optional" id="rb07" <%= ("optional".equals(tls) ? "checked" : "") %>
onclick="this.form.clientSecurityRequired[2].checked=true;">&nbsp;<label for="rb07"><fmt:message key="ssl.settings.optional" /></label>&nbsp;&nbsp;
<input type="radio" name="tls" value="required" id="rb08" <%= ("required".equals(tls) ? "checked" : "") %>
onclick="this.form.clientSecurityRequired[2].checked=true;">&nbsp;<label for="rb08"><fmt:message key="ssl.settings.required" /></label>
</td>
</tr>
<tr valign="top">
<td width="1%" nowrap>
<fmt:message key="ssl.settings.client.custom.mutualauth.socket" />
</td>
<td width="99%">
<input type="radio" name="clientMutualAuthenticationSocket" value="disabled" id="rb16" <%= ("disabled".equals(clientMutualAuthenticationSocket) ? "checked" : "") %>
onclick="this.form.clientSecurityRequired[2].checked=true;">&nbsp;<label for="rb16"><fmt:message key="ssl.settings.notavailable" /></label>&nbsp;&nbsp;
<input type="radio" name="clientMutualAuthenticationSocket" value="wanted" id="rb17" <%= ("wanted".equals(clientMutualAuthenticationSocket) ? "checked" : "") %>
onclick="this.form.clientSecurityRequired[2].checked=true;">&nbsp;<label for="rb17"><fmt:message key="ssl.settings.optional" /></label>&nbsp;&nbsp;
<input type="radio" name="clientMutualAuthenticationSocket" value="needed" id="rb18" <%= ("needed".equals(clientMutualAuthenticationSocket) ? "checked" : "") %>
onclick="this.form.clientSecurityRequired[2].checked=true;">&nbsp;<label for="rb18"><fmt:message key="ssl.settings.required" /></label>
</td>
</tr>
<tr valign="top">
<td width="1%" nowrap>
<fmt:message key="ssl.settings.client.custom.mutualauth.bosh" />
</td>
<td width="99%">
<input type="radio" name="clientMutualAuthenticationBOSH" value="disabled" id="rb19" <%= ("disabled".equals(clientMutualAuthenticationBOSH) ? "checked" : "") %>
onclick="this.form.clientSecurityRequired[2].checked=true;">&nbsp;<label for="rb19"><fmt:message key="ssl.settings.notavailable" /></label>&nbsp;&nbsp;
<input type="radio" name="clientMutualAuthenticationBOSH" value="wanted" id="rb20" <%= ("wanted".equals(clientMutualAuthenticationBOSH) ? "checked" : "") %>
onclick="this.form.clientSecurityRequired[2].checked=true;">&nbsp;<label for="rb20"><fmt:message key="ssl.settings.optional" /></label>&nbsp;&nbsp;
<input type="radio" name="clientMutualAuthenticationBOSH" value="needed" id="rb21" <%= ("needed".equals(clientMutualAuthenticationBOSH) ? "checked" : "") %>
onclick="this.form.clientSecurityRequired[2].checked=true;">&nbsp;<label for="rb21"><fmt:message key="ssl.settings.required" /></label>
</td>
</tr>
</table>
</td>
</tr>
</tbody>
</table>
<!-- END 'Client Connection Security' -->
<br/>
<br/>
<!-- BEGIN 'Server Connection Security' -->
<admin:contentBox title="Plain-text (with STARTTLS) connections">
<p>Accept plain-text connections, which, depending on the policy that is configured here, are upgraded to encrypted connections (using the STARTTLS protocol).</p>
<table cellpadding="3" cellspacing="0" border="0">
<tr valign="middle">
<td><input type="checkbox" name="plaintext-enabled" id="plaintext-enabled" onclick="setEnabled('plaintext')"/><label for="plaintext-enabled">Enabled</label></td>
</tr>
</table>
<div id="plaintext-config">
<br/>
<h4>TCP settings</h4>
<table cellpadding="3" cellspacing="0" border="0">
<tr valign="middle">
<td width="1%" nowrap><label for="plaintext-tcpPort">Port number</label></td>
<td width="99%"><input type="text" id="plaintext-tcpPort"></td>
</tr>
<tr valign="middle">
<td width="1%" nowrap><label for="plaintext-readBuffer">Read buffer</label></td>
<td width="99%"><input type="text" id="plaintext-readBuffer"> (in bytes)</td>
</tr>
</table>
<h4><fmt:message key="ssl.settings.server.legend" /></h4>
<table cellpadding="3" cellspacing="0" border="0">
<tbody>
<tr valign="middle">
<tr valign="middle">
<td width="1%" nowrap>
<input type="radio" name="serverSecurityRequired" value="notreq" id="rb09" onclick="showOrHide('server_custom', 'hide')"
<%= ("notreq".equals(serverSecurityRequired) ? "checked" : "") %>>
</td>
<td width="99%">
<label for="rb09">
<b><fmt:message key="ssl.settings.server.label_notrequired" /></b> - <fmt:message key="ssl.settings.server.label_notrequired_info" />
</label>
</td>
</tr>
<tr valign="middle">
<td width="1%" nowrap>
<input type="radio" name="serverSecurityRequired" value="req" id="rb10" onclick="showOrHide('server_custom', 'hide')"
<%= ("req".equals(serverSecurityRequired) ? "checked" : "") %>>
</td>
<td width="99%">
<label for="rb10">
<b><fmt:message key="ssl.settings.server.label_required" /></b> - <fmt:message key="ssl.settings.server.label_required_info" />
</label>
</td>
</tr>
<tr valign="middle">
<td width="1%" nowrap>
<input type="radio" name="serverSecurityRequired" value="custom" id="rb11" onclick="showOrHide('server_custom', 'show')"
<%= ("custom".equals(serverSecurityRequired) ? "checked" : "") %>>
</td>
<td width="99%">
<label for="rb11">
<b><fmt:message key="ssl.settings.server.label_custom" /></b> - <fmt:message key="ssl.settings.server.label_custom_info" />
</label>
</td>
</tr>
<tr valign="top" id="server_custom" <% if (!"custom".equals(serverSecurityRequired)) out.write("style=\"display:none\""); %>>
<td width="1%" nowrap>
&nbsp;
</td>
<td width="99%">
<table cellpadding="3" cellspacing="0" border="0" width="100%">
<tr valign="top">
<td width="1%" nowrap>
<fmt:message key="ssl.settings.server.dialback" />
</td>
<td width="99%">
<input type="radio" name="dialback" value="disabled" id="rb12" <%= ("disabled".equals(dialback) ? "checked" : "") %>
onclick="this.form.serverSecurityRequired[2].checked=true;">&nbsp;<label for="rb12"><fmt:message key="ssl.settings.notavailable" /></label>&nbsp;&nbsp;
<input type="radio" name="dialback" value="available" id="rb13" <%= ("available".equals(dialback) ? "checked" : "") %>
onclick="this.form.serverSecurityRequired[2].checked=true;">&nbsp;<label for="rb13"><fmt:message key="ssl.settings.available" /></label>
</td>
</tr>
<tr valign="top">
<td width="1%" nowrap>
<fmt:message key="ssl.settings.server.customTLS" />
</td>
<td width="99%">
<input type="radio" name="server_tls" value="disabled" id="rb14" <%= ("disabled".equals(server_tls) ? "checked" : "") %>
onclick="this.form.serverSecurityRequired[2].checked=true;">&nbsp;<label for="rb14"><fmt:message key="ssl.settings.notavailable" /></label>&nbsp;&nbsp;
<input type="radio" name="server_tls" value="optional" id="rb15" <%= ("optional".equals(server_tls) ? "checked" : "") %>
onclick="this.form.serverSecurityRequired[2].checked=true;">&nbsp;<label for="rb15"><fmt:message key="ssl.settings.optional" /></label>&nbsp;&nbsp;
<input type="radio" name="server_tls" value="required" id="rb22" <%= ("required".equals(server_tls) ? "checked" : "") %>
onclick="this.form.serverSecurityRequired[2].checked=true;">&nbsp;<label for="rb22"><fmt:message key="ssl.settings.required" /></label>&nbsp;&nbsp;
</td>
</tr>
</table>
</td>
</tr>
<br/>
<h4>STARTTLS policy</h4>
<table cellpadding="3" cellspacing="0" border="0">
<tr valign="middle">
<td>
<input type="radio" name="plaintext-tlspolicy" value="disabled" id="plaintext-tlspolicy-disabled"/>
<label for="plaintext-tlspolicy-disabled"><b>Disabled</b> - Encryption is not allowed.</label>
</td>
</tr>
<tr valign="middle">
<td width="1%" nowrap>
<input type="checkbox" name="selfSigned" id="cb02" <%= (selfSigned ? "checked" : "") %>>
<td>
<input type="radio" name="plaintext-tlspolicy" value="optional" id="plaintext-tlspolicy-optional"/>
<label for="plaintext-tlspolicy-optional"><b>Optional</b> - Encryption may be used, but is not required.</label>
</td>
<td width="99%">
<label for="rb02">
<fmt:message key="ssl.settings.client.label_self-signed" />
</label>
</tr>
<tr valign="middle">
<td>
<input type="radio" name="plaintext-tlspolicy" value="required" id="plaintext-tlspolicy-required"/>
<label for="plaintext-tlspolicy-required"><b>Required</b> - Connections cannot be established unless they are encrypted.</label>
</td>
</tr>
</tbody>
</table>
</div>
</table>
<br/>
<h4>Mutual Authentication</h4>
<p>In addition to requiring peers to use encryption (which will force them to verify the security certificates of this Openfire instance) an additional level of security can be enabled. With this option, the server can be configured to verify certificates that are to be provided by the peers. This is commonly referred to as 'mutual authentication'.</p>
<table cellpadding="3" cellspacing="0" border="0">
<tr valign="middle">
<td>
<input type="radio" name="plaintext-mutualauthentication" value="disabled" id="plaintext-mutualauthentication-disabled"/>
<label for="plaintext-mutualauthentication-disabled"><b>Disabled</b> - Peer certificates are not verified.</label>
</td>
</tr>
<tr valign="middle">
<td>
<input type="radio" name="plaintext-mutualauthentication" value="optional" id="plaintext-mutualauthentication-wanted"/>
<label for="plaintext-mutualauthentication-wanted"><b>Wanted</b> - Peer certificates are verified, but only when they are presented by the peer.</label>
</td>
</tr>
<tr valign="middle">
<td>
<input type="radio" name="plaintext-mutualauthentication" value="required" id="plaintext-mutualauthentication-needed"/>
<label for="plaintext-mutualauthentication-needed"><b>Needed</b> - A connection cannot be established if the peer does not present a valid certificate.</label>
</td>
</tr>
</table>
<br/>
<h4>Miscellaneous settings</h4>
<table cellpadding="3" cellspacing="0" border="0">
<tr valign="middle">
<td width="1%" nowrap><label for="plaintext-maxThreads">Maximum worker threads</label></td>
<td width="99%"><input type="text" id="plaintext-maxThreads"></td>
</tr>
</table>
</div>
</admin:contentBox>
<admin:contentBox title="Encrypted (legacy-mode) connections">
<p>Accept encrypted connections (as opposed to plain-text connections that are upgraded to encryption using STARTTLS). This type of connectivity is often referred to as the "legacy" method of establishing encrypted communications.</p>
<table cellpadding="3" cellspacing="0" border="0">
<tr valign="middle">
<td><input type="checkbox" name="legacymode-enabled" id="legacymode-enabled" onclick="setEnabled('legacymode')"/><label for="legacymode-enabled">Enabled</label></td>
</tr>
</table>
<div id="legacymode-config">
<br/>
<h4>TCP settings</h4>
<table cellpadding="3" cellspacing="0" border="0">
<tr valign="middle">
<td width="1%" nowrap><label for="legacymode-tcpPort">Port number</label></td>
<td width="99%"><input type="text" id="legacymode-tcpPort"></td>
</tr>
<tr valign="middle">
<td width="1%" nowrap><label for="legacymode-readBuffer">Read buffer</label></td>
<td width="99%"><input type="text" id="legacymode-readBuffer"> (in bytes)</td>
</tr>
</table>
<br/>
<h4>Mutual Authentication</h4>
<p>In addition to requiring peers to use encryption (which will force them to verify the security certificates of this Openfire instance) an additional level of security can be enabled. With this option, the server can be configured to verify certificates that are to be provided by the peers. This is commonly referred to as 'mutual authentication'.</p>
<table cellpadding="3" cellspacing="0" border="0">
<tr valign="middle">
<td>
<input type="radio" name="legacymode-mutualauthentication" value="disabled" id="legacymode-mutualauthentication-disabled"/>
<label for="legacymode-mutualauthentication-disabled"><b>Disabled</b> - Peer certificates are not verified.</label>
</td>
</tr>
<tr valign="middle">
<td>
<input type="radio" name="legacymode-mutualauthentication" value="optional" id="legacymode-mutualauthentication-wanted"/>
<label for="legacymode-mutualauthentication-wanted"><b>Wanted</b> - Peer certificates are verified, but only when they are presented by the peer.</label>
</td>
</tr>
<tr valign="middle">
<td>
<input type="radio" name="legacymode-mutualauthentication" value="required" id="legacymode-mutualauthentication-needed"/>
<label for="legacymode-mutualauthentication-needed"><b>Needed</b> - A connection cannot be established if the peer does not present a valid certificate.</label>
</td>
</tr>
</table>
<br/>
<h4>Miscellaneous settings</h4>
<table cellpadding="3" cellspacing="0" border="0">
<tr valign="middle">
<td width="1%" nowrap><label for="legacymode-maxThreads">Maximum worker threads</label></td>
<td width="99%"><input type="text" id="legacymode-maxThreads"></td>
</tr>
</table>
</div>
</admin:contentBox>
<input type="submit" name="update" value="<fmt:message key="global.save_settings" />">
</form>
<%--<form action="ssl-settings.jsp" method="post">--%>
<%--<div class="jive-contentBox" style="-moz-border-radius: 3px;">--%>
<%--<h4><fmt:message key="ssl.settings.client.legend" /></h4>--%>
<%--<table cellpadding="3" cellspacing="0" border="0">--%>
<%--<tbody>--%>
<%--<tr valign="middle">--%>
<%--<tr valign="middle">--%>
<%--<td width="1%" nowrap>--%>
<%--<input type="radio" name="clientSecurityRequired" value="notreq" id="rb02" onclick="showOrHide('custom', 'hide')"--%>
<%--<%= ("notreq".equals(clientSecurityRequired) ? "checked" : "") %>>--%>
<%--</td>--%>
<%--<td width="99%">--%>
<%--<label for="rb02">--%>
<%--<b><fmt:message key="ssl.settings.client.label_notrequired" /></b> - <fmt:message key="ssl.settings.client.label_notrequired_info" />--%>
<%--</label>--%>
<%--</td>--%>
<%--</tr>--%>
<%--<tr valign="middle">--%>
<%--<td width="1%" nowrap>--%>
<%--<input type="radio" name="clientSecurityRequired" value="req" id="rb01" onclick="showOrHide('custom', 'hide')"--%>
<%--<%= ("req".equals(clientSecurityRequired) ? "checked" : "") %>>--%>
<%--</td>--%>
<%--<td width="99%">--%>
<%--<label for="rb01">--%>
<%--<b><fmt:message key="ssl.settings.client.label_required" /></b> - <fmt:message key="ssl.settings.client.label_required_info" />--%>
<%--</label>--%>
<%--</td>--%>
<%--</tr>--%>
<%--<tr valign="middle">--%>
<%--<td width="1%" nowrap>--%>
<%--<input type="radio" name="clientSecurityRequired" value="custom" id="rb03" onclick="showOrHide('custom', 'show')"--%>
<%--<%= ("custom".equals(clientSecurityRequired) ? "checked" : "") %>>--%>
<%--</td>--%>
<%--<td width="99%">--%>
<%--<label for="rb03">--%>
<%--<b><fmt:message key="ssl.settings.client.label_custom" /></b> - <fmt:message key="ssl.settings.client.label_custom_info" />--%>
<%--</label>--%>
<%--</td>--%>
<%--</tr>--%>
<%--<tr valign="top" id="custom" <% if (!"custom".equals(clientSecurityRequired)) out.write("style=\"display:none\""); %>>--%>
<%--<td width="1%" nowrap>--%>
<%--&nbsp;--%>
<%--</td>--%>
<%--<td width="99%">--%>
<%--<table cellpadding="3" cellspacing="0" border="0">--%>
<%--<tr valign="top">--%>
<%--<td width="1%" nowrap>--%>
<%--<fmt:message key="ssl.settings.client.customSSL" />--%>
<%--</td>--%>
<%--<td width="99%">--%>
<%--<input type="radio" name="ssl" value="disabled" id="rb04" <%= ("disabled".equals(ssl) ? "checked" : "") %>--%>
<%--onclick="this.form.clientSecurityRequired[2].checked=true;">&nbsp;<label for="rb04"><fmt:message key="ssl.settings.notavailable" /></label>&nbsp;&nbsp;--%>
<%--<input type="radio" name="ssl" value="available" id="rb05" <%= ("available".equals(ssl) ? "checked" : "") %>--%>
<%--onclick="this.form.clientSecurityRequired[2].checked=true;">&nbsp;<label for="rb05"><fmt:message key="ssl.settings.available" /></label>--%>
<%--</td>--%>
<%--</tr>--%>
<%--<tr valign="top">--%>
<%--<td width="1%" nowrap>--%>
<%--<fmt:message key="ssl.settings.client.customTLS" />--%>
<%--</td>--%>
<%--<td width="99%">--%>
<%--<input type="radio" name="tls" value="disabled" id="rb06" <%= ("disabled".equals(tls) ? "checked" : "") %>--%>
<%--onclick="this.form.clientSecurityRequired[2].checked=true;">&nbsp;<label for="rb06"><fmt:message key="ssl.settings.notavailable" /></label>&nbsp;&nbsp;--%>
<%--<input type="radio" name="tls" value="optional" id="rb07" <%= ("optional".equals(tls) ? "checked" : "") %>--%>
<%--onclick="this.form.clientSecurityRequired[2].checked=true;">&nbsp;<label for="rb07"><fmt:message key="ssl.settings.optional" /></label>&nbsp;&nbsp;--%>
<%--<input type="radio" name="tls" value="required" id="rb08" <%= ("required".equals(tls) ? "checked" : "") %>--%>
<%--onclick="this.form.clientSecurityRequired[2].checked=true;">&nbsp;<label for="rb08"><fmt:message key="ssl.settings.required" /></label>--%>
<%--</td>--%>
<%--</tr>--%>
<%--<tr valign="top">--%>
<%--<td width="1%" nowrap>--%>
<%--<fmt:message key="ssl.settings.client.custom.mutualauth.socket" />--%>
<%--</td>--%>
<%--<td width="99%">--%>
<%--<input type="radio" name="clientMutualAuthenticationSocket" value="disabled" id="rb16" <%= ("disabled".equals(clientMutualAuthenticationSocket) ? "checked" : "") %>--%>
<%--onclick="this.form.clientSecurityRequired[2].checked=true;">&nbsp;<label for="rb16"><fmt:message key="ssl.settings.notavailable" /></label>&nbsp;&nbsp;--%>
<%--<input type="radio" name="clientMutualAuthenticationSocket" value="wanted" id="rb17" <%= ("wanted".equals(clientMutualAuthenticationSocket) ? "checked" : "") %>--%>
<%--onclick="this.form.clientSecurityRequired[2].checked=true;">&nbsp;<label for="rb17"><fmt:message key="ssl.settings.optional" /></label>&nbsp;&nbsp;--%>
<%--<input type="radio" name="clientMutualAuthenticationSocket" value="needed" id="rb18" <%= ("needed".equals(clientMutualAuthenticationSocket) ? "checked" : "") %>--%>
<%--onclick="this.form.clientSecurityRequired[2].checked=true;">&nbsp;<label for="rb18"><fmt:message key="ssl.settings.required" /></label>--%>
<%--</td>--%>
<%--</tr>--%>
<%--<tr valign="top">--%>
<%--<td width="1%" nowrap>--%>
<%--<fmt:message key="ssl.settings.client.custom.mutualauth.bosh" />--%>
<%--</td>--%>
<%--<td width="99%">--%>
<%--<input type="radio" name="clientMutualAuthenticationBOSH" value="disabled" id="rb19" <%= ("disabled".equals(clientMutualAuthenticationBOSH) ? "checked" : "") %>--%>
<%--onclick="this.form.clientSecurityRequired[2].checked=true;">&nbsp;<label for="rb19"><fmt:message key="ssl.settings.notavailable" /></label>&nbsp;&nbsp;--%>
<%--<input type="radio" name="clientMutualAuthenticationBOSH" value="wanted" id="rb20" <%= ("wanted".equals(clientMutualAuthenticationBOSH) ? "checked" : "") %>--%>
<%--onclick="this.form.clientSecurityRequired[2].checked=true;">&nbsp;<label for="rb20"><fmt:message key="ssl.settings.optional" /></label>&nbsp;&nbsp;--%>
<%--<input type="radio" name="clientMutualAuthenticationBOSH" value="needed" id="rb21" <%= ("needed".equals(clientMutualAuthenticationBOSH) ? "checked" : "") %>--%>
<%--onclick="this.form.clientSecurityRequired[2].checked=true;">&nbsp;<label for="rb21"><fmt:message key="ssl.settings.required" /></label>--%>
<%--</td>--%>
<%--</tr>--%>
<%--</table>--%>
<%--</td>--%>
<%--</tr>--%>
<%--</tbody>--%>
<%--</table>--%>
<%--<!-- END 'Client Connection Security' -->--%>
<%--<br/>--%>
<%--<br/>--%>
<%--<!-- BEGIN 'Server Connection Security' -->--%>
<%--<h4><fmt:message key="ssl.settings.server.legend" /></h4>--%>
<%--<table cellpadding="3" cellspacing="0" border="0">--%>
<%--<tbody>--%>
<%--<tr valign="middle">--%>
<%--<tr valign="middle">--%>
<%--<td width="1%" nowrap>--%>
<%--<input type="radio" name="serverSecurityRequired" value="notreq" id="rb09" onclick="showOrHide('server_custom', 'hide')"--%>
<%--<%= ("notreq".equals(serverSecurityRequired) ? "checked" : "") %>>--%>
<%--</td>--%>
<%--<td width="99%">--%>
<%--<label for="rb09">--%>
<%--<b><fmt:message key="ssl.settings.server.label_notrequired" /></b> - <fmt:message key="ssl.settings.server.label_notrequired_info" />--%>
<%--</label>--%>
<%--</td>--%>
<%--</tr>--%>
<%--<tr valign="middle">--%>
<%--<td width="1%" nowrap>--%>
<%--<input type="radio" name="serverSecurityRequired" value="req" id="rb10" onclick="showOrHide('server_custom', 'hide')"--%>
<%--<%= ("req".equals(serverSecurityRequired) ? "checked" : "") %>>--%>
<%--</td>--%>
<%--<td width="99%">--%>
<%--<label for="rb10">--%>
<%--<b><fmt:message key="ssl.settings.server.label_required" /></b> - <fmt:message key="ssl.settings.server.label_required_info" />--%>
<%--</label>--%>
<%--</td>--%>
<%--</tr>--%>
<%--<tr valign="middle">--%>
<%--<td width="1%" nowrap>--%>
<%--<input type="radio" name="serverSecurityRequired" value="custom" id="rb11" onclick="showOrHide('server_custom', 'show')"--%>
<%--<%= ("custom".equals(serverSecurityRequired) ? "checked" : "") %>>--%>
<%--</td>--%>
<%--<td width="99%">--%>
<%--<label for="rb11">--%>
<%--<b><fmt:message key="ssl.settings.server.label_custom" /></b> - <fmt:message key="ssl.settings.server.label_custom_info" />--%>
<%--</label>--%>
<%--</td>--%>
<%--</tr>--%>
<%--<tr valign="top" id="server_custom" <% if (!"custom".equals(serverSecurityRequired)) out.write("style=\"display:none\""); %>>--%>
<%--<td width="1%" nowrap>--%>
<%--&nbsp;--%>
<%--</td>--%>
<%--<td width="99%">--%>
<%--<table cellpadding="3" cellspacing="0" border="0" width="100%">--%>
<%--<tr valign="top">--%>
<%--<td width="1%" nowrap>--%>
<%--<fmt:message key="ssl.settings.server.dialback" />--%>
<%--</td>--%>
<%--<td width="99%">--%>
<%--<input type="radio" name="dialback" value="disabled" id="rb12" <%= ("disabled".equals(dialback) ? "checked" : "") %>--%>
<%--onclick="this.form.serverSecurityRequired[2].checked=true;">&nbsp;<label for="rb12"><fmt:message key="ssl.settings.notavailable" /></label>&nbsp;&nbsp;--%>
<%--<input type="radio" name="dialback" value="available" id="rb13" <%= ("available".equals(dialback) ? "checked" : "") %>--%>
<%--onclick="this.form.serverSecurityRequired[2].checked=true;">&nbsp;<label for="rb13"><fmt:message key="ssl.settings.available" /></label>--%>
<%--</td>--%>
<%--</tr>--%>
<%--<tr valign="top">--%>
<%--<td width="1%" nowrap>--%>
<%--<fmt:message key="ssl.settings.server.customTLS" />--%>
<%--</td>--%>
<%--<td width="99%">--%>
<%--<input type="radio" name="server_tls" value="disabled" id="rb14" <%= ("disabled".equals(server_tls) ? "checked" : "") %>--%>
<%--onclick="this.form.serverSecurityRequired[2].checked=true;">&nbsp;<label for="rb14"><fmt:message key="ssl.settings.notavailable" /></label>&nbsp;&nbsp;--%>
<%--<input type="radio" name="server_tls" value="optional" id="rb15" <%= ("optional".equals(server_tls) ? "checked" : "") %>--%>
<%--onclick="this.form.serverSecurityRequired[2].checked=true;">&nbsp;<label for="rb15"><fmt:message key="ssl.settings.optional" /></label>&nbsp;&nbsp;--%>
<%--<input type="radio" name="server_tls" value="required" id="rb22" <%= ("required".equals(server_tls) ? "checked" : "") %>--%>
<%--onclick="this.form.serverSecurityRequired[2].checked=true;">&nbsp;<label for="rb22"><fmt:message key="ssl.settings.required" /></label>&nbsp;&nbsp;--%>
<%--</td>--%>
<%--</tr>--%>
<%--</table>--%>
<%--</td>--%>
<%--</tr>--%>
<%--<tr valign="middle">--%>
<%--<td width="1%" nowrap>--%>
<%--<input type="checkbox" name="selfSigned" id="cb02" <%= (selfSigned ? "checked" : "") %>>--%>
<%--</td>--%>
<%--<td width="99%">--%>
<%--<label for="rb02">--%>
<%--<fmt:message key="ssl.settings.client.label_self-signed" />--%>
<%--</label>--%>
<%--</td>--%>
<%--</tr>--%>
<%--</tbody>--%>
<%--</table>--%>
<%--</div>--%>
<%--<input type="submit" name="update" value="<fmt:message key="global.save_settings" />">--%>
<%--</form>--%>
<!-- BEGIN 'Server Connection Security' -->
<script>
// Ensure that the various elements are set properly when the page is loaded.
window.onload = function()
{
setEnabled( "plaintext" );
setEnabled( "legacymode" );
};
</script>
</body>
</html>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment