Build: #390 was successful Scheduled with changes by daryl herzmann <akrherz@iastate.edu>
Code commits
Openfire (master)
-
daryl herzmann <akrherz@iastate.edu> 86516551dbbd841004e69a7eb8d99bd933bc7a2b
Merge pull request #1078 from guusdk/OF-1545_Authtoken-anonymous-flag
OF-1545: Authtoken and anonymous authentication -
Guus der Kinderen 33385d192c2176863e0be3a324dcba9e6daa1787 m
OF-1545: Users of AuthToken.getUsername() should be able to handle null values
The Javadoc of getUsername() clearly states that null values are to be expected (when anonymous
authentication took place). In a previous commit, an instance were the username was filled with
the anonymous resource-part was corrected (now, null is used instead). This commit fixes a few
instances where users of getUsername() assumed its return value to be non-null.- src/java/org/jivesoftware/openfire/SessionManager.java (version 33385d192c2176863e0be3a324dcba9e6daa1787)
- src/java/org/jivesoftware/openfire/session/LocalClientSession.java (version 33385d192c2176863e0be3a324dcba9e6daa1787)
- src/java/org/jivesoftware/openfire/streammanagement/StreamManager.java (version 33385d192c2176863e0be3a324dcba9e6daa1787)
-
Guus der Kinderen bd0863dce0d294f9589cfe67d62d7f19c188027d m
OF-1545: Optimize 'isAnonymous' check in AuthToken
The 'isAnonymous' method need not do a user lookup to determine if the associated session
is using anonymous authentication. This information is available when the token is created.
By removing this lookup, load is reduced.
Additionally, the token implementation itself need not contain data that is guaranteed to
be identical for each token (the XMPP domain name).
Lastly, the AuthToken javadoc defines that the containing username will be null for anonymous
users. This means that there's no need to track that status in an additional field.
This above leads to a simplification of the AuthToken implementation (less complexity is good
for maintenance). This commit also removes one instance where the username is set to the
resource-part value of an anonymous session (as this is explicilty forbidden by the Javadoc
contract of getUsername()).
A follow commit will check usages of getUsername(), to verify that returned null values are
properly processed.- src/java/org/jivesoftware/admin/AuthCheckFilter.java (version bd0863dce0d294f9589cfe67d62d7f19c188027d)
- src/java/org/jivesoftware/openfire/auth/AuthFactory.java (version bd0863dce0d294f9589cfe67d62d7f19c188027d)
- src/java/org/jivesoftware/openfire/auth/AuthToken.java (version bd0863dce0d294f9589cfe67d62d7f19c188027d)
- src/java/org/jivesoftware/openfire/net/SASLAuthentication.java (version bd0863dce0d294f9589cfe67d62d7f19c188027d)
- src/java/org/jivesoftware/openfire/session/LocalClientSession.java (version bd0863dce0d294f9589cfe67d62d7f19c188027d)