📄 externalcomponentmanager.java
字号:
/**
* $Revision: $
* $Date: $
*
* Copyright (C) 2008 Jive Software. All rights reserved.
*
* This software is published under the terms of the GNU Public License (GPL),
* a copy of which is included in this distribution, or a commercial license
* agreement with Jive.
*/
package org.jivesoftware.openfire.component;
import org.jivesoftware.database.DbConnectionManager;
import org.jivesoftware.openfire.ConnectionManager;
import org.jivesoftware.openfire.SessionManager;
import org.jivesoftware.openfire.XMPPServer;
import org.jivesoftware.openfire.component.ExternalComponentConfiguration.Permission;
import org.jivesoftware.openfire.session.ComponentSession;
import org.jivesoftware.openfire.session.Session;
import org.jivesoftware.util.JiveGlobals;
import org.jivesoftware.util.Log;
import org.jivesoftware.util.ModificationNotAllowedException;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.concurrent.CopyOnWriteArrayList;
/**
* Manages the connection permissions for external components. When an external component is
* allowed to connect to this server then a special configuration for the component will be kept.
* The configuration holds information such as the shared secret that the component should use
* when authenticating with the server.
*
* @author Gaston Dombiak
*/
public class ExternalComponentManager {
private static final String ADD_CONFIGURATION =
"INSERT INTO jiveExtComponentConf (subdomain,secret,permission) VALUES (?,?,?)";
private static final String DELETE_CONFIGURATION =
"DELETE FROM jiveExtComponentConf WHERE subdomain=?";
private static final String LOAD_CONFIGURATION =
"SELECT secret,permission FROM jiveExtComponentConf where subdomain=?";
private static final String LOAD_CONFIGURATIONS =
"SELECT subdomain,secret FROM jiveExtComponentConf where permission=?";
/**
* List of listeners that will be notified when vCards are created, updated or deleted.
*/
private static List<ExternalComponentManagerListener> listeners =
new CopyOnWriteArrayList<ExternalComponentManagerListener>();
public static void setServiceEnabled(boolean enabled) throws ModificationNotAllowedException {
// Alert listeners about this event
for (ExternalComponentManagerListener listener : listeners) {
listener.serviceEnabled(enabled);
}
ConnectionManager connectionManager = XMPPServer.getInstance().getConnectionManager();
connectionManager.enableComponentListener(enabled);
}
public static boolean isServiceEnabled() {
ConnectionManager connectionManager = XMPPServer.getInstance().getConnectionManager();
return connectionManager.isComponentListenerEnabled();
}
public static void setServicePort(int port) throws ModificationNotAllowedException {
// Alert listeners about this event
for (ExternalComponentManagerListener listener : listeners) {
listener.portChanged(port);
}
ConnectionManager connectionManager = XMPPServer.getInstance().getConnectionManager();
connectionManager.setComponentListenerPort(port);
}
public static int getServicePort() {
ConnectionManager connectionManager = XMPPServer.getInstance().getConnectionManager();
return connectionManager.getComponentListenerPort();
}
/**
* Allows an external component to connect to the local server with the specified configuration.
*
* @param configuration the configuration for the external component.
* @throws ModificationNotAllowedException if the operation was denied.
*/
public static void allowAccess(ExternalComponentConfiguration configuration) throws ModificationNotAllowedException {
// Alert listeners about this event
for (ExternalComponentManagerListener listener : listeners) {
listener.componentAllowed(configuration.getSubdomain(), configuration);
}
// Remove any previous configuration for this external component
deleteConfigurationFromDB(configuration.getSubdomain());
// Update the database with the new granted permission and configuration
configuration.setPermission(Permission.allowed);
addConfiguration(configuration);
}
/**
* Blocks an external component from connecting to the local server. If the component was
* connected when the permission was revoked then the connection of the entity will be closed.
*
* @param subdomain the subdomain of the external component that is not allowed to connect.
* @throws ModificationNotAllowedException if the operation was denied.
*/
public static void blockAccess(String subdomain) throws ModificationNotAllowedException {
// Alert listeners about this event
for (ExternalComponentManagerListener listener : listeners) {
listener.componentBlocked(subdomain);
}
// Remove any previous configuration for this external component
deleteConfigurationFromDB(subdomain);
// Update the database with the new revoked permission
ExternalComponentConfiguration config = new ExternalComponentConfiguration(subdomain, Permission.blocked, null);
addConfiguration(config);
// Check if the component was connected and proceed to close the connection
String domain = subdomain + "." + XMPPServer.getInstance().getServerInfo().getXMPPDomain();
Session session = SessionManager.getInstance().getComponentSession(domain);
if (session != null) {
session.close();
}
}
/**
* Returns true if the external component with the specified subdomain can connect to the
* local server.
*
* @param subdomain the subdomain of the external component.
* @return true if the external component with the specified subdomain can connect to the
* local server.
*/
public static boolean canAccess(String subdomain) {
// By default there is no permission defined for the XMPP entity
Permission permission = null;
ExternalComponentConfiguration config = getConfiguration(subdomain);
if (config != null) {
permission = config.getPermission();
}
if (PermissionPolicy.blacklist == getPermissionPolicy()) {
// Anyone can access except those entities listed in the blacklist
return Permission.blocked != permission;
}
else {
// Access is limited to those present in the whitelist
return Permission.allowed == permission;
}
}
/**
* Returns the list of registered external components that are allowed to connect to this
* server when using a whitelist policy. However, when using a blacklist policy (i.e. anyone
* may connect to the server) the returned list of configurations will be used for obtaining
* the shared secret specific for each component.
*
* @return the configuration of the registered external components.
*/
public static Collection<ExternalComponentConfiguration> getAllowedComponents() {
return getConfigurations(Permission.allowed);
}
/**
* Returns the list of external components that are NOT allowed to connect to this
* server.
*
* @return the configuration of the blocked external components.
*/
public static Collection<ExternalComponentConfiguration> getBlockedComponents() {
return getConfigurations(Permission.blocked);
}
public static void updateComponentSecret(String subdomain, String secret) throws ModificationNotAllowedException {
// Alert listeners about this event
for (ExternalComponentManagerListener listener : listeners) {
listener.componentSecretUpdated(subdomain, secret);
}
ExternalComponentConfiguration configuration = getConfiguration(subdomain);
if (configuration != null) {
configuration.setPermission(Permission.allowed);
configuration.setSecret(secret);
// Remove any previous configuration for this external component
deleteConfigurationFromDB(subdomain);
}
else {
configuration = new ExternalComponentConfiguration(subdomain, Permission.allowed, secret);
}
addConfiguration(configuration);
}
/**
* Removes any existing defined permission and configuration for the specified
* external component.
*
* @param subdomain the subdomain of the external component.
* @throws ModificationNotAllowedException if the operation was denied.
*/
public static void deleteConfiguration(String subdomain) throws ModificationNotAllowedException {
// Alert listeners about this event
for (ExternalComponentManagerListener listener : listeners) {
listener.componentConfigurationDeleted(subdomain);
}
// Proceed to delete the configuration of the component
deleteConfigurationFromDB(subdomain);
}
/**
* Removes any existing defined permission and configuration for the specified
* external component from the database.
*
* @param subdomain the subdomain of the external component.
*/
private static void deleteConfigurationFromDB(String subdomain) {
// Remove the permission for the entity from the database
java.sql.Connection con = null;
PreparedStatement pstmt = null;
try {
con = DbConnectionManager.getConnection();
pstmt = con.prepareStatement(DELETE_CONFIGURATION);
pstmt.setString(1, subdomain);
pstmt.executeUpdate();
}
catch (SQLException sqle) {
Log.error(sqle);
}
finally {
try { if (pstmt != null) pstmt.close(); }
catch (Exception e) { Log.error(e); }
try { if (con != null) con.close(); }
catch (Exception e) { Log.error(e); }
}
}
/**
* Adds a new permission for the specified external component.
*
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -