📄 localconnectionmultiplexersession.java
字号:
return session;
}
catch (Exception e) {
Log.error("An error occured while creating a Connection Manager Session", e);
// Close the underlying connection
connection.close();
return null;
}
}
public LocalConnectionMultiplexerSession(String serverName, Connection connection, StreamID streamID) {
super(serverName, connection, streamID);
}
public String getAvailableStreamFeatures() {
if (conn.getTlsPolicy() == Connection.TLSPolicy.required && !conn.isSecure()) {
return null;
}
// Include Stream Compression Mechanism
if (conn.getCompressionPolicy() != Connection.CompressionPolicy.disabled &&
!conn.isCompressed()) {
return "<compression xmlns=\"http://jabber.org/features/compress\"><method>zlib</method></compression>";
}
return null;
}
/**
* Authenticates the connection manager. Shared secret is validated with the one provided
* by the connection manager. If everything went fine then the session will have a status
* of "authenticated" and the connection manager will receive the client configuration
* options.
*
* @param digest the digest provided by the connection manager with the handshake stanza.
* @return true if the connection manager was sucessfully authenticated.
*/
public boolean authenticate(String digest) {
// Perform authentication. Wait for the handshake (with the secret key)
String anticipatedDigest = AuthFactory.createDigest(getStreamID().getID(),
ConnectionMultiplexerManager.getDefaultSecret());
// Check that the provided handshake (secret key + sessionID) is correct
if (!anticipatedDigest.equalsIgnoreCase(digest)) {
Log.debug("LocalConnectionMultiplexerSession: [ConMng] Incorrect handshake for connection manager with domain: " +
getAddress().getDomain());
// The credentials supplied by the initiator are not valid (answer an error
// and close the connection)
conn.deliverRawText(new StreamError(StreamError.Condition.not_authorized).toXML());
// Close the underlying connection
conn.close();
return false;
}
else {
// Component has authenticated fine
setStatus(STATUS_AUTHENTICATED);
// Send empty handshake element to acknowledge success
conn.deliverRawText("<handshake></handshake>");
Log.debug("LocalConnectionMultiplexerSession: [ConMng] Connection manager was AUTHENTICATED with domain: " + getAddress());
sendClientOptions();
return true;
}
}
/**
* Send to the Connection Manager the connection options available for clients. The info
* to send includes:
* <ul>
* <li>if TLS is available, optional or required
* <li>SASL mechanisms available before TLS is negotiated
* <li>if compression is available
* <li>if Non-SASL authentication is available
* <li>if In-Band Registration is available
* </ul
*/
private void sendClientOptions() {
IQ options = new IQ(IQ.Type.set);
Element child = options.setChildElement("configuration",
"http://jabber.org/protocol/connectionmanager");
// Add info about TLS
if (LocalClientSession.getTLSPolicy() != Connection.TLSPolicy.disabled) {
Element tls = child.addElement("starttls", "urn:ietf:params:xml:ns:xmpp-tls");
if (LocalClientSession.getTLSPolicy() == Connection.TLSPolicy.required) {
tls.addElement("required");
}
}
// Add info about SASL mechanisms
Collection<String> mechanisms = SASLAuthentication.getSupportedMechanisms();
if (!mechanisms.isEmpty()) {
Element sasl = child.addElement("mechanisms", "urn:ietf:params:xml:ns:xmpp-sasl");
for (String mechanism : mechanisms) {
sasl.addElement("mechanism").setText(mechanism);
}
}
// Add info about Stream Compression
if (LocalClientSession.getCompressionPolicy() == Connection.CompressionPolicy.optional) {
Element comp = child.addElement("compression", "http://jabber.org/features/compress");
comp.addElement("method").setText("zlib");
}
// Add info about Non-SASL authentication
child.addElement("auth", "http://jabber.org/features/iq-auth");
// Add info about In-Band Registration
if (XMPPServer.getInstance().getIQRegisterHandler().isInbandRegEnabled()) {
child.addElement("register", "http://jabber.org/features/iq-register");
}
// Send the options
process(options);
}
boolean canProcess(Packet packet) {
return true;
}
void deliver(Packet packet) throws UnauthorizedException {
if (conn != null && !conn.isClosed()) {
conn.deliver(packet);
}
}
/**
* Returns whether TLS is mandatory, optional or is disabled for clients. When TLS is
* mandatory clients are required to secure their connections or otherwise their connections
* will be closed. On the other hand, when TLS is disabled clients are not allowed to secure
* their connections using TLS. Their connections will be closed if they try to secure the
* connection. in this last case.
*
* @return whether TLS is mandatory, optional or is disabled.
*/
public static SocketConnection.TLSPolicy getTLSPolicy() {
return tlsPolicy;
}
/**
* Sets whether TLS is mandatory, optional or is disabled for clients. When TLS is
* mandatory clients are required to secure their connections or otherwise their connections
* will be closed. On the other hand, when TLS is disabled clients are not allowed to secure
* their connections using TLS. Their connections will be closed if they try to secure the
* connection. in this last case.
*
* @param policy whether TLS is mandatory, optional or is disabled.
*/
public static void setTLSPolicy(SocketConnection.TLSPolicy policy) {
tlsPolicy = policy;
JiveGlobals.setProperty("xmpp.multiplex.tls.policy", tlsPolicy.toString());
}
/**
* Returns whether compression is optional or is disabled for clients.
*
* @return whether compression is optional or is disabled.
*/
public static SocketConnection.CompressionPolicy getCompressionPolicy() {
return compressionPolicy;
}
/**
* Sets whether compression is optional or is disabled for clients.
*
* @param policy whether compression is optional or is disabled.
*/
public static void setCompressionPolicy(SocketConnection.CompressionPolicy policy) {
compressionPolicy = policy;
JiveGlobals.setProperty("xmpp.multiplex.compression.policy", compressionPolicy.toString());
}
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -