Пример #1
0
 public void run() {
   try {
     Log.debug("Trying to configure Clearspace.");
     doConfigClearspace();
     updateClearspaceClientSettings();
   } catch (UnauthorizedException e) {
     Log.warn(
         "Unauthorization problem trying to configure Clearspace, trying again in 1 minute", e);
     // TODO: Mark that there is an authorization problem
   } catch (Exception e) {
     Log.warn("Unknown problem trying to configure Clearspace, trying again in 1 minute", e);
   }
 }
Пример #2
0
  private synchronized void doConfigClearspace() throws UnauthorizedException {

    Log.debug("Starting Clearspace configuration.");

    List<String> bindInterfaces = getServerInterfaces();
    if (bindInterfaces.size() == 0) {
      // We aren't up and running enough to tell Clearspace what interfaces to bind to.
      Log.debug("No bind interfaces found to config Clearspace");
      throw new IllegalStateException("There are no binding interfaces.");
    }

    try {

      XMPPServerInfo serverInfo = XMPPServer.getInstance().getServerInfo();

      String path = IM_URL_PREFIX + "configureComponent/";

      // Creates the XML with the data
      Document groupDoc = DocumentHelper.createDocument();
      Element rootE = groupDoc.addElement("configureComponent");
      Element domainE = rootE.addElement("domain");
      domainE.setText(serverInfo.getXMPPDomain());
      for (String bindInterface : bindInterfaces) {
        Element hostsE = rootE.addElement("hosts");
        hostsE.setText(bindInterface);
      }
      Element portE = rootE.addElement("port");
      portE.setText(String.valueOf(ExternalComponentManager.getServicePort()));

      Log.debug(
          "Trying to configure Clearspace with: Domain: "
              + serverInfo.getXMPPDomain()
              + ", hosts: "
              + bindInterfaces.toString()
              + ", port: "
              + port);

      executeRequest(POST, path, rootE.asXML());

      // Done, Clearspace was configured correctly, clear the task
      Log.debug("Clearspace was configured, stopping the task.");
      TaskEngine.getInstance().cancelScheduledTask(configClearspaceTask);
      configClearspaceTask = null;

    } catch (UnauthorizedException ue) {
      throw ue;
    } catch (Exception e) {
      // It is not supported exception, wrap it into an UnsupportedOperationException
      throw new UnsupportedOperationException("Unexpected error", e);
    }
  }
Пример #3
0
  private synchronized void startClearspaceConfig() {
    // If the task is running, stop it
    if (configClearspaceTask != null) {
      configClearspaceTask.cancel();
      Log.debug("Stopping previous configuration Clearspace task.");
    }

    // Create and schedule a confi task every minute
    configClearspaceTask = new ConfigClearspaceTask();
    // Wait some time to start the task until Openfire has binding address
    TaskEngine.getInstance()
        .schedule(configClearspaceTask, JiveConstants.SECOND * 30, JiveConstants.MINUTE);
    Log.debug("Starting configuration Clearspace task in 10 seconds.");
  }
Пример #4
0
  private void updateClearspaceSharedSecret(String newSecret) {

    try {
      String path = IM_URL_PREFIX + "updateSharedSecret/";

      // Creates the XML with the data
      Document groupDoc = DocumentHelper.createDocument();
      Element rootE = groupDoc.addElement("updateSharedSecret");
      rootE.addElement("newSecret").setText(newSecret);

      executeRequest(POST, path, groupDoc.asXML());
    } catch (UnauthorizedException ue) {
      Log.error("Error updating the password of Clearspace", ue);
    } catch (Exception e) {
      Log.error("Error updating the password of Clearspace", e);
    }
  }
Пример #5
0
  private void updateClearspaceClientSettings() {
    String xmppBoshSslPort = "0";
    String xmppBoshPort = "0";
    String xmppPort =
        String.valueOf(XMPPServer.getInstance().getConnectionManager().getClientListenerPort());
    if (JiveGlobals.getBooleanProperty(
        HttpBindManager.HTTP_BIND_ENABLED, HttpBindManager.HTTP_BIND_ENABLED_DEFAULT)) {
      int boshSslPort = HttpBindManager.getInstance().getHttpBindSecurePort();
      int boshPort = HttpBindManager.getInstance().getHttpBindUnsecurePort();
      try {
        if (HttpBindManager.getInstance().isHttpsBindActive()
            && LocalClientSession.getTLSPolicy()
                != org.jivesoftware.openfire.Connection.TLSPolicy.disabled) {
          xmppBoshSslPort = String.valueOf(boshSslPort);
        }
      } catch (Exception e) {
        // Exception while working with certificate
        Log.debug(
            "Error while checking SSL certificate.  Instructing Clearspace not to use SSL port.");
      }
      if (HttpBindManager.getInstance().isHttpBindActive() && boshPort > 0) {
        xmppBoshPort = String.valueOf(boshPort);
      }
    }

    try {
      String path = CHAT_URL_PREFIX + "updateClientSettings/";

      // Creates the XML with the data
      Document groupDoc = DocumentHelper.createDocument();
      Element rootE = groupDoc.addElement("updateClientSettings");
      rootE.addElement("boshSslPort").setText(xmppBoshSslPort);
      rootE.addElement("boshPort").setText(xmppBoshPort);
      rootE.addElement("tcpPort").setText(xmppPort);

      executeRequest(POST, path, groupDoc.asXML());
    } catch (UnauthorizedException ue) {
      Log.error("Error updating the client settings of Clearspace", ue);
    } catch (Exception e) {
      Log.error("Error updating the client settings of Clearspace", e);
    }
  }
Пример #6
0
  /**
   * Returns a nonce generated by Clearspace to be used in a SSO login.
   *
   * @return a unique nonce.
   */
  public String getNonce() {
    try {
      String path = IM_URL_PREFIX + "generateNonce";
      Element element = executeRequest(GET, path);

      return WSUtils.getReturn(element);
    } catch (Exception e) {
      Log.error("Failed executing #generateNonce with Clearspace", e);
    }

    return null;
  }
Пример #7
0
  public synchronized boolean configClearspace() {
    // If the task is running, stop it
    if (configClearspaceTask != null) {
      configClearspaceTask.cancel();
      Log.debug("Stopping previous configuration Clearspace task.");
    }

    boolean configured = false;
    try {
      doConfigClearspace();
      updateClearspaceClientSettings();
      configured = true;
    } catch (UnauthorizedException e) {
      Log.info("Unauthorized to configure Clearspace.", e);
    } catch (UnsupportedOperationException e) {
      Log.info("Error configuring Clearspace.", e);
    }

    if (!configured) {
      startClearspaceConfig();
    }
    return configured;
  }
Пример #8
0
  /**
   * Tests the web services connection with Clearspace given the manager's current configuration.
   *
   * @return The exception or null if connection test was successful.
   */
  public Throwable testConnection() {
    // Test invoking a simple method
    try {
      // If there is a problem with the URL or the user/password this service throws an exception
      String path = IM_URL_PREFIX + "testCredentials";
      executeRequest(GET, path);

      return null;
    } catch (Exception e) {
      // It is not ok, return false.
      Log.warn("Failed testing communicating with Clearspace", e);
      return e;
    }
  }
Пример #9
0
  /**
   * Check a username/password pair for valid authentication.
   *
   * @param username Username to authenticate against.
   * @param password Password to use for authentication.
   * @return True or false of the authentication succeeded.
   */
  public Boolean checkAuthentication(String username, String password) {
    try {
      // Un-escape username.
      username = JID.unescapeNode(username);
      // Encode potentially non-ASCII characters
      username = URLUTF8Encoder.encode(username);
      String path = ClearspaceAuthProvider.URL_PREFIX + "authenticate/" + username + "/" + password;
      executeRequest(GET, path);
      return true;
    } catch (Exception e) {
      // Nothing to do.
      Log.warn("Failed authenticating user with Clearspace. User = " + username, e);
    }

    return false;
  }
Пример #10
0
  /**
   * Sets the shared secret for the Clearspace service we're connecting to.
   *
   * @param sharedSecret the password configured in Clearspace to authenticate Openfire.
   */
  public void setSharedSecret(String sharedSecret) {
    // Set new password for external component
    ExternalComponentConfiguration configuration =
        new ExternalComponentConfiguration(
            "clearspace", true, ExternalComponentConfiguration.Permission.allowed, sharedSecret);
    try {
      ExternalComponentManager.allowAccess(configuration);
    } catch (ModificationNotAllowedException e) {
      Log.warn("Failed to configure password for Clearspace", e);
    }

    // After updating the component information we can update the field, but not before.
    // If it is done before, OF won't be able to execute the updateSharedsecret webservice
    // since it would try with the new password.
    this.sharedSecret = sharedSecret;
    properties.put("clearspace.sharedSecret", sharedSecret);
  }
Пример #11
0
  static {
    try {
      factory = XmlPullParserFactory.newInstance(MXParser.class.getName(), null);
      factory.setNamespaceAware(true);
    } catch (XmlPullParserException e) {
      Log.error("Error creating a parser factory", e);
    }
    // Create xmpp parser to keep in each thread
    localParser =
        new ThreadLocal<XMPPPacketReader>() {
          protected XMPPPacketReader initialValue() {
            XMPPPacketReader parser = new XMPPPacketReader();
            factory.setNamespaceAware(true);
            parser.setXPPFactory(factory);
            return parser;
          }
        };

    // Add a new exception map from CS to OF and it will be automatically translated.
    exceptionMap = new HashMap<String, String>();
    exceptionMap.put(
        "com.jivesoftware.base.UserNotFoundException",
        "org.jivesoftware.openfire.user.UserNotFoundException");
    exceptionMap.put(
        "com.jivesoftware.base.UserAlreadyExistsException",
        "org.jivesoftware.openfire.user.UserAlreadyExistsException");
    exceptionMap.put(
        "com.jivesoftware.base.GroupNotFoundException",
        "org.jivesoftware.openfire.group.GroupNotFoundException");
    exceptionMap.put(
        "com.jivesoftware.base.GroupAlreadyExistsException",
        "org.jivesoftware.openfire.group.GroupAlreadyExistsException");
    exceptionMap.put(
        "org.acegisecurity.BadCredentialsException",
        "org.jivesoftware.openfire.auth.UnauthorizedException");
    exceptionMap.put(
        "com.jivesoftware.base.UnauthorizedException",
        "org.jivesoftware.openfire.auth.UnauthorizedException");
    exceptionMap.put(
        "com.jivesoftware.community.NotFoundException", "org.jivesoftware.util.NotFoundException");
  }
Пример #12
0
  /**
   * Makes a rest request of any type at the specified urlSuffix. The urlSuffix should be of the
   * form /userService/users. If CS throws an exception it handled and transalated to a Openfire
   * exception if possible. This is done using the check fault method that tries to throw the best
   * maching exception.
   *
   * @param type Must be GET or DELETE
   * @param urlSuffix The url suffix of the rest request
   * @param xmlParams The xml with the request params, must be null if type is GET or DELETE only
   * @return The response as a xml doc.
   * @throws ConnectionException Thrown if there are issues perfoming the request.
   * @throws Exception Thrown if the response from Clearspace contains an exception.
   */
  public Element executeRequest(HttpType type, String urlSuffix, String xmlParams)
      throws ConnectionException, Exception {
    if (Log.isDebugEnabled()) {
      Log.debug("Outgoing REST call [" + type + "] to " + urlSuffix + ": " + xmlParams);
    }

    String wsUrl = getConnectionURI() + WEBSERVICES_PATH + urlSuffix;

    String secret = getSharedSecret();

    HttpClient client = new HttpClient();
    HttpMethod method;

    // Configures the authentication
    client.getParams().setAuthenticationPreemptive(true);
    Credentials credentials = new UsernamePasswordCredentials(OPENFIRE_USERNAME, secret);
    AuthScope scope = new AuthScope(host, port, AuthScope.ANY_REALM);
    client.getState().setCredentials(scope, credentials);

    // Creates the method
    switch (type) {
      case GET:
        method = new GetMethod(wsUrl);
        break;
      case POST:
        PostMethod pm = new PostMethod(wsUrl);
        StringRequestEntity requestEntity = new StringRequestEntity(xmlParams);
        pm.setRequestEntity(requestEntity);
        method = pm;
        break;
      case PUT:
        PutMethod pm1 = new PutMethod(wsUrl);
        StringRequestEntity requestEntity1 = new StringRequestEntity(xmlParams);
        pm1.setRequestEntity(requestEntity1);
        method = pm1;
        break;
      case DELETE:
        method = new DeleteMethod(wsUrl);
        break;
      default:
        throw new IllegalArgumentException();
    }

    method.setRequestHeader("Accept", "text/xml");
    method.setDoAuthentication(true);

    try {
      // Executes the request
      client.executeMethod(method);

      // Parses the result
      String body = method.getResponseBodyAsString();
      if (Log.isDebugEnabled()) {
        Log.debug("Outgoing REST call results: " + body);
      }

      // Checks the http status
      if (method.getStatusCode() != 200) {
        if (method.getStatusCode() == 401) {
          throw new ConnectionException(
              "Invalid password to connect to Clearspace.",
              ConnectionException.ErrorType.AUTHENTICATION);
        } else if (method.getStatusCode() == 404) {
          throw new ConnectionException(
              "Web service not found in Clearspace.", ConnectionException.ErrorType.PAGE_NOT_FOUND);
        } else if (method.getStatusCode() == 503) {
          throw new ConnectionException(
              "Web service not avaible in Clearspace.",
              ConnectionException.ErrorType.SERVICE_NOT_AVAIBLE);
        } else {
          throw new ConnectionException(
              "Error connecting to Clearspace, http status code: " + method.getStatusCode(),
              new HTTPConnectionException(method.getStatusCode()),
              ConnectionException.ErrorType.OTHER);
        }
      } else if (body.contains("Clearspace Upgrade Console")) {
        // TODO Change CS to send a more standard error message
        throw new ConnectionException(
            "Clearspace is in an update state.", ConnectionException.ErrorType.UPDATE_STATE);
      }

      Element response = localParser.get().parseDocument(body).getRootElement();

      // Check for exceptions
      checkFault(response);

      // Since there is no exception, returns the response
      return response;
    } catch (DocumentException e) {
      throw new ConnectionException(
          "Error parsing the response of Clearspace.", e, ConnectionException.ErrorType.OTHER);
    } catch (HttpException e) {
      throw new ConnectionException(
          "Error performing http request to Clearspace", e, ConnectionException.ErrorType.OTHER);
    } catch (UnknownHostException e) {
      throw new ConnectionException(
          "Unknown Host " + getConnectionURI() + " trying to connect to Clearspace",
          e,
          ConnectionException.ErrorType.UNKNOWN_HOST);
    } catch (IOException e) {
      throw new ConnectionException(
          "Error peforming http request to Clearspace.", e, ConnectionException.ErrorType.OTHER);
    } finally {
      method.releaseConnection();
    }
  }
Пример #13
0
  public void start() throws IllegalStateException {
    super.start();
    if (isEnabled()) {
      // Before starting up service make sure there is a default secret
      if (ExternalComponentManager.getDefaultSecret() == null
          || "".equals(ExternalComponentManager.getDefaultSecret())) {
        try {
          ExternalComponentManager.setDefaultSecret(StringUtils.randomString(10));
        } catch (ModificationNotAllowedException e) {
          Log.warn("Failed to set a default secret to external component service", e);
        }
      }
      // Make sure that external component service is enabled
      if (!ExternalComponentManager.isServiceEnabled()) {
        try {
          ExternalComponentManager.setServiceEnabled(true);
        } catch (ModificationNotAllowedException e) {
          Log.warn("Failed to start external component service", e);
        }
      }
      // Listen for changes to external component settings
      ExternalComponentManager.addListener(this);
      // Listen for registration of new components
      InternalComponentManager.getInstance().addListener(this);
      // Listen for changes in certificates
      CertificateManager.addListener(this);
      // Listen for property changes
      PropertyEventDispatcher.addListener(this);
      // Set up custom clearspace MUC service
      // Create service if it doesn't exist, load if it does.
      MultiUserChatServiceImpl muc =
          (MultiUserChatServiceImpl)
              XMPPServer.getInstance()
                  .getMultiUserChatManager()
                  .getMultiUserChatService(MUC_SUBDOMAIN);
      if (muc == null) {
        try {
          muc =
              XMPPServer.getInstance()
                  .getMultiUserChatManager()
                  .createMultiUserChatService(MUC_SUBDOMAIN, MUC_DESCRIPTION, true);
        } catch (AlreadyExistsException e) {
          Log.error(
              "ClearspaceManager: Found no "
                  + MUC_SUBDOMAIN
                  + " service, but got already exists when creation attempted?  Service probably not started!");
        }
      }
      if (muc != null) {
        // Set up special delegate for Clearspace MUC service
        muc.setMUCDelegate(new ClearspaceMUCEventDelegate());
        // Set up additional features for Clearspace MUC service
        muc.addExtraFeature("clearspace:service");
        // Set up additional identity of conference service to Clearspace MUC service
        muc.addExtraIdentity("conference", "Clearspace Chat Service", "text");
      }

      // Starts the clearspace configuration task
      startClearspaceConfig();

      // Starts the Clearspace MUC transcript manager
      mucTranscriptManager.start();
    }
  }
Пример #14
0
  private void init() {
    // Register the trust manager to use when using HTTPS
    Protocol easyhttps =
        new Protocol("https", (ProtocolSocketFactory) new SSLProtocolSocketFactory(this), 443);
    Protocol.registerProtocol("https", easyhttps);

    // Convert XML based provider setup to Database based
    JiveGlobals.migrateProperty("clearspace.uri");
    JiveGlobals.migrateProperty("clearspace.sharedSecret");

    // Make sure that all Clearspace components are set up, unless they were overridden
    // Note that the auth provider is our way of knowing that we are set up with Clearspace,
    // so don't bother checking to set it.
    if (isEnabled()) {
      if (JiveGlobals.getProperty("provider.user.className") == null) {
        JiveGlobals.setProperty(
            "provider.user.className",
            "org.jivesoftware.openfire.clearspace.ClearspaceUserProvider");
      }
      if (JiveGlobals.getProperty("provider.group.className") == null) {
        JiveGlobals.setProperty(
            "provider.group.className",
            "org.jivesoftware.openfire.clearspace.ClearspaceGroupProvider");
      }
      if (JiveGlobals.getProperty("provider.vcard.className") == null) {
        JiveGlobals.setProperty(
            "provider.vcard.className",
            "org.jivesoftware.openfire.clearspace.ClearspaceVCardProvider");
      }
      if (JiveGlobals.getProperty("provider.lockout.className") == null) {
        JiveGlobals.setProperty(
            "provider.lockout.className",
            "org.jivesoftware.openfire.clearspace.ClearspaceLockOutProvider");
      }
      if (JiveGlobals.getProperty("provider.securityAudit.className") == null) {
        JiveGlobals.setProperty(
            "provider.securityAudit.className",
            "org.jivesoftware.openfire.clearspace.ClearspaceSecurityAuditProvider");
      }
      if (JiveGlobals.getProperty("provider.admin.className") == null) {
        JiveGlobals.setProperty(
            "provider.admin.className",
            "org.jivesoftware.openfire.clearspace.ClearspaceAdminProvider");
      }
    }

    this.uri = properties.get("clearspace.uri");
    if (uri != null) {
      if (!this.uri.endsWith("/")) {
        this.uri = this.uri + "/";
      }
      // Updates the host/port attributes based on the uri
      updateHostPort();
    }
    sharedSecret = properties.get("clearspace.sharedSecret");

    // Creates the cache maps
    userIDCache = new DefaultCache<String, Long>("clearspace.userid", 1000, JiveConstants.DAY);
    groupIDCache = new DefaultCache<String, Long>("clearspace.groupid", 1000, JiveConstants.DAY);
    usernameCache = new DefaultCache<Long, String>("clearspace.username", 1000, JiveConstants.DAY);

    if (Log.isDebugEnabled()) {
      StringBuilder buf = new StringBuilder();
      buf.append("Created new ClearspaceManager() instance, fields:\n");
      buf.append("\t URI: ").append(uri).append("\n");
      buf.append("\t sharedSecret: ").append(sharedSecret).append("\n");

      Log.debug("ClearspaceManager: " + buf.toString());
    }

    // Init nonce cache
    nonceCache = CacheFactory.createCache("Clearspace SSO Nonce");
    // Init nonce generator
    nonceGenerator = new Random();
  }