Add validation to JabberIqAuth (#1284)

Closed

Activities

wojciech.kapcia@tigase.net opened 3 years ago

[2021-09-11 03:22:12:930] [FINEST  ] [ jabber:iq:auth-proc-0 ] DomainFilter.filter()            : Filtering (packet): from=c2s@ip-172-31-20-109.us-west-2.compute.internal/172.22.0.2_5222_172.31.31.162_13518, to=sess-man@ip-172-31-20-109.us-west-2.compute.internal, serverAuthorisedStanzaFrom=Optional.empty, DATA=<iq id="setup2" xmlns="jabber:client" type="set"><query xmlns="jabber:iq:auth"><username/><password>…</password><resource>AstraChat-iOS-58988112</resource></query></iq>, SIZE=175, XMLNS=jabber:client, PRIORITY=NORMAL, PERMISSION=LOCAL, TYPE=set, STABLE_ID=5321e11e-e6ea-4c2d-8c46-07480eee7023
[2021-09-11 03:22:12:930] [FINEST  ] [ jabber:iq:auth-proc-0 ] SessionManager.processPacket()   : Packet processed by: [jabber:iq:auth]
[2021-09-11 03:22:12:930] [WARNING ] [ jabber:iq:auth-proc-0 ] JabberIqAuth.doAuth()            : Can''t authenticate with given CallbackHandler
java.lang.IllegalArgumentException
	at java.base/javax.security.auth.callback.NameCallback.<init>(Unknown Source)
	at tigase.xmpp.impl.JabberIqAuth.doAuth(JabberIqAuth.java:254)
	at tigase.xmpp.impl.JabberIqAuth.process(JabberIqAuth.java:167)
	at tigase.server.xmppsession.SessionManager$ProcessorWorkerThread.process(SessionManager.java:2685)
	at tigase.util.processing.WorkerThread.run(WorkerThread.java:67)

XEP-0078: Non-SASL Authentication:

Both the username and the resource are REQUIRED for client authentication using the 'jabber:iq:auth' namespace; Therefore, in order to successfully authenticate with the server in this example, a client MUST provide a username, a resource, and one of password or digest.

Type	Bug
Priority	Normal
Assignee	wojciech.kapcia@tigase.net
Version	tigase-server-8.2.0
Spent time	45m

Issue Votes (0)

Watchers (0)

Reference

tigase/_server/server-core#1284