merging 1.1.0

Eric Mears · Eric Mears · commit 82b106d7c175 · 2024-06-13T15:24:47.000-07:00
diff --git a/pom.xml b/pom.xml
@@ -9,7 +9,7 @@
     </parent>
     <groupId>org.directtruststandards</groupId>
     <artifactId>timplus-server-core</artifactId>
-    <version>1.0.0</version>
+    <version>1.1.0</version>
     <name>TIM+ Core XMPP Server</name>
 
     <properties>
diff --git a/src/main/java/org/jivesoftware/openfire/net/XMPPCallbackHandler.java b/src/main/java/org/jivesoftware/openfire/net/XMPPCallbackHandler.java
@@ -32,6 +32,7 @@
 import org.jivesoftware.openfire.auth.AuthorizationManager;
 import org.jivesoftware.openfire.sasl.VerifyPasswordCallback;
 import org.jivesoftware.openfire.user.UserNotFoundException;
+import org.jivesoftware.util.JiveGlobals;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -117,6 +118,13 @@ else if (callback instanceof AuthorizeCallback) {
                         //Log.debug("XMPPCallbackHandler: no username requested, using " + username);
                     }
                 }
+                /*
+                clients like pidgin, pass in the username, not the barejid, so the db query for the user fails.
+                When timplus.allowLoginWithoutBareJID is set, we pass in the barejid (user@domain), so the query will work.
+                 */
+                if( Boolean.parseBoolean(JiveGlobals.getProperty("timplus.allowLoginWithoutBareJID"))) {
+                    username = principal;
+                }
                 if (AuthorizationManager.authorize(username, principal)) {
                     if (Log.isDebugEnabled()) {
                         //Log.debug("XMPPCallbackHandler: " + principal + " authorized to " + username);
diff --git a/src/main/java/org/jivesoftware/openfire/sasl/SaslServerPlainImpl.java b/src/main/java/org/jivesoftware/openfire/sasl/SaslServerPlainImpl.java
@@ -25,6 +25,7 @@
 import javax.security.sasl.SaslServer;
 
 import org.jivesoftware.openfire.session.LocalSession;
+import org.jivesoftware.util.JiveGlobals;
 
 import javax.security.sasl.SaslException;
 import javax.security.sasl.AuthorizeCallback;
@@ -117,7 +118,14 @@ public byte[] evaluateResponse(byte[] response)
                 }
                 if (localSession != null)
                 	username += "@" + localSession.getServerName();
-                
+
+                /*
+                clients like pidgin, pass in the username, not the barejid, so the db query for the user fails.
+                When timplus.allowLoginWithoutBareJID is set, we pass in the barejid (user@domain), so the query will work.
+                 */
+                if( Boolean.parseBoolean(JiveGlobals.getProperty("timplus.allowLoginWithoutBareJID"))) {
+                    principal = username;
+                }
                 password = tokens.nextToken();
                 NameCallback ncb = new NameCallback("PLAIN authentication ID: ",principal);
                 VerifyPasswordCallback vpcb = new VerifyPasswordCallback(password.toCharArray());
