Openfire 3.6.1 Javadoc
java.lang.Object
  org.jivesoftware.openfire.server.ServerDialback
public class ServerDialback
Implementation of the Server Dialback method as defined by RFC 3920. The dialback method uses the following logic to validate the remote server:
Field Summary | |
---|---|
protected static String | CHARSET The utf-8 charset for decoding and encoding Jabber packet streams. |
Constructor Summary |
---|
ServerDialback() |
ServerDialback(Connection connection, String serverName) Creates a new instance that will be used for creating IncomingServerSession, validating subsequent domains or authenticating new domains. |
Method Summary | |
---|---|
boolean | authenticateDomain(OutgoingServerSocketReader socketReader, String domain, String hostname, String id) Authenticates the Originating Server domain with the Receiving Server. |
LocalIncomingServerSession | createIncomingSession(org.dom4j.io.XMPPPacketReader reader) Returns a new IncomingServerSession with a domain validated by the Authoritative Server. |
LocalOutgoingServerSession | createOutgoingSession(String domain, String hostname, int port) Creates a new connection from the Originating Server to the Receiving Server for authenticating the specified domain. |
static boolean | isEnabled() Returns true if server dialback is enabled. |
static boolean | isEnabledForSelfSigned() Returns true if server dialback can be used when the remote server presented a self-signed certificate. |
static void | setEnabledForSelfSigned(boolean enabled) Sets if server dialback can be used when the remote server presented a self-signed certificate. |
boolean | validateRemoteDomain(org.dom4j.Element doc, StreamID streamID) Returns true if the domain requested by the remote server was validated by the Authoritative Server. |
static boolean | verifyReceivedKey(org.dom4j.Element doc, Connection connection) Verifies the key sent by a Receiving Server. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
protected static String CHARSET
Constructor Detail |
---|
public ServerDialback(Connection connection, String serverName)
Creates a new instance that will be used for creating IncomingServerSession, validating subsequent domains or authenticating new domains. Use createIncomingSession(org.dom4j.io.XMPPPacketReader) for creating a new server session used for receiving packets from the remote server. Use validateRemoteDomain(org.dom4j.Element, org.jivesoftware.openfire.StreamID) for validating subsequent domains and use authenticateDomain(OutgoingServerSocketReader, String, String, String) for registering new domains that are allowed to send packets to the remote server.
To validate domains, a new TCP connection is established to the Authoritative Server. The Authoritative Server may be the Originating Server itself or some other machine in the Originating Server's network. Once the remote domain is validated, the Originating Server is allowed to send packets to this server. However, this server must validate its own domain/s with the Originating Server if it needs to send packets to the Originating Server. Another TCP connection will be established for validating this server's domain/s and for sending packets to the Originating Server.
connection - the connection created by the remote server.
serverName - the name of the local server.
public ServerDialback()
Method Detail |
---|
public static boolean isEnabled()
Returns true if server dialback is enabled. When both TLS between servers and server dialback are enabled, TLS is tried first when connecting to a remote server; if TLS fails, server dialback is used as a last resort. If dialback is enabled and the remote server offered server-dialback after TLS and no SASL EXTERNAL, then server dialback is used.
public static boolean isEnabledForSelfSigned()
Returns true if server dialback can be used when the remote server presented a self-signed certificate. If self-signed certificates are accepted then server dialback over TLS is enabled.
public static void setEnabledForSelfSigned(boolean enabled)
Sets if server dialback can be used when the remote server presented a self-signed certificate. If self-signed certificates are accepted then server dialback over TLS is enabled.
enabled - if server dialback can be used when the remote server presented a self-signed certificate.
public LocalOutgoingServerSession createOutgoingSession(String domain, String hostname, int port)
Creates a new connection from the Originating Server to the Receiving Server for authenticating the specified domain.
domain - domain of the Originating Server to authenticate with the Receiving Server.
hostname - IP address or hostname of the Receiving Server.
port - port of the Receiving Server.
public boolean authenticateDomain(OutgoingServerSocketReader socketReader, String domain, String hostname, String id)
Authenticates the Originating Server domain with the Receiving Server. The Receiving Server will connect to the Authoritative Server to verify the dialback key. Most probably the Originating Server machine will be the Authoritative Server too.
socketReader - the reader to use for reading the answer from the Receiving Server.
domain - the domain to authenticate.
hostname - the hostname of the remote server (i.e. Receiving Server).
id - the stream id to be used for creating the dialback key.
public LocalIncomingServerSession createIncomingSession(org.dom4j.io.XMPPPacketReader reader) throws IOException, org.xmlpull.v1.XmlPullParserException
Returns a new IncomingServerSession with a domain validated by the Authoritative Server. New domains may be added to the returned IncomingServerSession after they have been validated. See LocalIncomingServerSession.validateSubsequentDomain(org.dom4j.Element). The remote server will be able to send packets through this session whose domains were previously validated.
When acting as an Authoritative Server this method will verify the requested key and will return null since the underlying TCP connection will be closed after sending the response to the Receiving Server.
reader - reader of DOM documents on the connection to the remote server.
IOException - if an I/O error occurs while communicating with the remote server.
org.xmlpull.v1.XmlPullParserException - if an error occurs while parsing XML packets.
public boolean validateRemoteDomain(org.dom4j.Element doc, StreamID streamID)
Returns true if the domain requested by the remote server was validated by the Authoritative Server. If the domain was not valid or some error occurred while validating the domain then the underlying TCP connection will be closed.
doc - the request for validating the new domain.
streamID - the stream id generated by this server for the Originating Server.
public static boolean verifyReceivedKey(org.dom4j.Element doc, Connection connection)
Verifies the key sent by a Receiving Server.
doc - the Element that contains the key to verify.
connection - the connection to use for sending the verification result.
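
The dialback key check that authenticateDomain and verifyReceivedKey revolve around, as an added example that is not Openfire's code: the Originating Server derives a key from the stream id, and the Authoritative Server recomputes and compares it. The key derivation is an assumption in the style of XEP-0185 (HMAC-SHA256 over receiving domain, originating domain and stream id, keyed with a hash of a server secret); the class name, secret, domains and stream ids are constructed.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;

/** Added illustration, not Openfire code. Key scheme assumed, in the style of XEP-0185. */
public class DialbackKeyDemo {
    // Constructed sample secret, shared only by the Originating and Authoritative roles.
    private static final String SECRET = "constructed-sample-secret";

    static String hex(byte[] bytes) {
        StringBuilder sb = new StringBuilder();
        for (byte b : bytes) sb.append(String.format("%02x", b));
        return sb.toString();
    }

    /** Originating side: derive the key from both domains and the Receiving Server's stream id. */
    static String createKey(String receiving, String originating, String streamId) throws Exception {
        byte[] hashedSecret = MessageDigest.getInstance("SHA-256")
                .digest(SECRET.getBytes(StandardCharsets.UTF_8));
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(hex(hashedSecret).getBytes(StandardCharsets.UTF_8), "HmacSHA256"));
        String msg = receiving + " " + originating + " " + streamId;
        return hex(mac.doFinal(msg.getBytes(StandardCharsets.UTF_8)));
    }

    /** Authoritative side: recompute the key and compare it; no per-stream state is stored. */
    static boolean verifyKey(String receiving, String originating, String streamId, String key)
            throws Exception {
        byte[] expected = createKey(receiving, originating, streamId).getBytes(StandardCharsets.UTF_8);
        // MessageDigest.isEqual avoids leaking the position of the first mismatching byte.
        return MessageDigest.isEqual(expected, key.getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) throws Exception {
        String orig = "originating.example", recv = "receiving.example", id = "stream-1234";
        String key = createKey(recv, orig, id); // sent by the Originating Server to the Receiving Server
        System.out.println("same stream:        " + verifyKey(recv, orig, id, key));
        System.out.println("different stream:   " + verifyKey(recv, orig, "stream-9999", key));
        System.out.println("different receiver: " + verifyKey("other.example", orig, id, key));
    }
}
```

Because the key is bound to the stream id and both domains, a key observed on one stream does not verify for another stream or another Receiving Server.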