1
0
Fork 0
mirror of https://codeberg.org/Mercury-IM/Smack synced 2024-11-27 00:32:07 +01:00

Throw an XMPPException if SASL authentication fails. SMACK-89

git-svn-id: http://svn.igniterealtime.org/svn/repos/smack/trunk@2817 b35dd754-fafc-0310-a699-88a17e54d16e
This commit is contained in:
Gaston Dombiak 2005-09-13 20:05:29 +00:00 committed by gato
parent bb0a864be9
commit 283b0f33f5
3 changed files with 73 additions and 11 deletions

View file

@ -316,9 +316,16 @@ class PacketReader {
resetParser(); resetParser();
} }
else if (parser.getName().equals("failure")) { else if (parser.getName().equals("failure")) {
// TLS negotiation has failed so close the connection. if ("urn:ietf:params:xml:ns:xmpp-tls".equals(parser.getNamespace(null))) {
// TLS negotiation has failed. The server will close the connection
throw new Exception("TLS negotiation has failed"); throw new Exception("TLS negotiation has failed");
} }
else {
// SASL authentication has failed. The server may close the connection
// depending on the number of retries
connection.getSASLAuthentication().authenticationFailed();
}
}
else if (parser.getName().equals("challenge")) { else if (parser.getName().equals("challenge")) {
// The server is challenging the SASL authentication made by the client // The server is challenging the SASL authentication made by the client
connection.getSASLAuthentication().challengeReceived(parser.nextText()); connection.getSASLAuthentication().challengeReceived(parser.nextText());

View file

@ -69,6 +69,11 @@ public class SASLAuthentication implements UserAuthentication {
* Boolean indicating if SASL negotiation has finished and was successful. * Boolean indicating if SASL negotiation has finished and was successful.
*/ */
private boolean saslNegotiated = false; private boolean saslNegotiated = false;
/**
* Boolean indication if SASL authentication has failed. When failed the server may end
* the connection.
*/
private boolean saslFailed = false;
private boolean resourceBinded = false; private boolean resourceBinded = false;
private boolean sessionSupported = false; private boolean sessionSupported = false;
@ -186,11 +191,19 @@ public class SASLAuthentication implements UserAuthentication {
// Wait until SASL negotiation finishes // Wait until SASL negotiation finishes
synchronized (this) { synchronized (this) {
if (!saslNegotiated && !saslFailed) {
try { try {
wait(30000); wait(30000);
} catch (InterruptedException e) { } catch (InterruptedException e) {
} }
} }
}
if (saslFailed) {
// SASL authentication failed and the server may have closed the connection
// so throw an exception
throw new XMPPException("SASL authentication failed");
}
if (saslNegotiated) { if (saslNegotiated) {
// We now need to bind a resource for the connection // We now need to bind a resource for the connection
@ -249,8 +262,11 @@ public class SASLAuthentication implements UserAuthentication {
return new NonSASLAuthentication(connection) return new NonSASLAuthentication(connection)
.authenticate(username, password, resource); .authenticate(username, password, resource);
} }
}
} catch (Exception e) { catch (XMPPException e) {
throw e;
}
catch (Exception e) {
e.printStackTrace(); e.printStackTrace();
// SASL authentication failed so try a Non-SASL authentication // SASL authentication failed so try a Non-SASL authentication
return new NonSASLAuthentication(connection) return new NonSASLAuthentication(connection)
@ -280,7 +296,7 @@ public class SASLAuthentication implements UserAuthentication {
// Wait until SASL negotiation finishes // Wait until SASL negotiation finishes
synchronized (this) { synchronized (this) {
if (!saslNegotiated) { if (!saslNegotiated && !saslFailed) {
try { try {
wait(5000); wait(5000);
} catch (InterruptedException e) { } catch (InterruptedException e) {
@ -288,6 +304,12 @@ public class SASLAuthentication implements UserAuthentication {
} }
} }
if (saslFailed) {
// SASL authentication failed and the server may have closed the connection
// so throw an exception
throw new XMPPException("SASL authentication failed");
}
if (saslNegotiated) { if (saslNegotiated) {
// Bind a resource for this connection and // Bind a resource for this connection and
return bindResourceAndEstablishSession(null); return bindResourceAndEstablishSession(null);
@ -366,6 +388,15 @@ public class SASLAuthentication implements UserAuthentication {
this.serverMechanisms = mechanisms; this.serverMechanisms = mechanisms;
} }
/**
* Returns true if the user was able to authenticate with the server usins SASL.
*
* @return true if the user was able to authenticate with the server usins SASL.
*/
public boolean isAuthenticated() {
return saslNegotiated;
}
/** /**
* The server is challenging the SASL authentication we just sent. Forward the challenge * The server is challenging the SASL authentication we just sent. Forward the challenge
* to the current SASLMechanism we are using. The SASLMechanism will send a response to * to the current SASLMechanism we are using. The SASLMechanism will send a response to
@ -391,6 +422,18 @@ public class SASLAuthentication implements UserAuthentication {
} }
} }
/**
* Notification message saying that SASL authentication has failed. The server may have
* closed the connection depending on the number of possible retries.
*/
void authenticationFailed() {
synchronized (this) {
saslFailed = true;
// Wake up the thread that is waiting in the #authenticate method
notify();
}
}
/** /**
* Notification message saying that the server requires the client to bind a * Notification message saying that the server requires the client to bind a
* resource to the stream. * resource to the stream.

View file

@ -12,6 +12,7 @@
package org.jivesoftware.smack; package org.jivesoftware.smack;
import org.jivesoftware.smack.test.SmackTestCase; import org.jivesoftware.smack.test.SmackTestCase;
import org.jivesoftware.smack.util.StringUtils;
/** /**
* Includes set of login tests. * Includes set of login tests.
@ -38,9 +39,11 @@ public class LoginTest extends SmackTestCase {
fail("Invalid user was able to log into the server"); fail("Invalid user was able to log into the server");
} }
catch (XMPPException e) { catch (XMPPException e) {
if (e.getXMPPError() != null) {
assertEquals("Incorrect error code while login with an invalid user", 401, assertEquals("Incorrect error code while login with an invalid user", 401,
e.getXMPPError().getCode()); e.getXMPPError().getCode());
} }
}
// Wait here while trying tests with exodus // Wait here while trying tests with exodus
//Thread.sleep(300); //Thread.sleep(300);
} }
@ -91,7 +94,16 @@ public class LoginTest extends SmackTestCase {
} }
} }
conn.login("user_1", "user_1", null); conn.login("user_1", "user_1", null);
if (conn.getSASLAuthentication().isAuthenticated()) {
// Check that the server assigned a resource
assertNotNull("JID assigned by server is missing", conn.getUser());
assertNotNull("JID assigned by server does not have a resource",
StringUtils.parseResource(conn.getUser()));
conn.close();
}
else {
fail("User with no resource was able to log into the server"); fail("User with no resource was able to log into the server");
}
} catch (XMPPException e) { } catch (XMPPException e) {
assertEquals("Wrong error code returned", 406, e.getXMPPError().getCode()); assertEquals("Wrong error code returned", 406, e.getXMPPError().getCode());