Throws UnauthorizedException when trying to add contact-custom AuthProvider

Adam_Nemeth · December 2, 2006, 5:44pm

Hi all,

Our team wants to add jabber functionality to a community site, which we

don’'t own
don’'t have access to its database
authenticates with e-mail address + password.

We’'ve successfully managed to implement a custom AuthProvider with Jakarta HTTPClient class, which logs in to the site, and decides if password is wrong or not.

First, we tried to replace the \40 charactersequence (which is sent by Spark if you want to login with email@address), thought that caused an internal problem to wildfire, now we use a % replacement (so, email%address), but still does not work.

We cannot implement a user provider which can give back list of all users, since there’‘s no enumeration page for them, and it’'s a huge number anyway.

We can check if a given user with given e-mail address exists or not.

There’‘s no unique username, that’'s why we want to use email%address@jabberserver or similliar.

Below is the error.log file, which is produced when I tried we tried to add each other with one of the developers.

We want to expand jabber practice to such scenarios, it’'s not a corporate project.

Thanks for the answers in advance

2006.12.02 18:30:59 org.jivesoftware.wildfire.handler.IQRosterHandler.handleIQ(IQRosterHandler.java: 119) Internal server error

org.jivesoftware.wildfire.auth.UnauthorizedException: org.jivesoftware.wildfire.user.UserNotFoundException

at org.jivesoftware.wildfire.handler.IQRosterHandler.manageRoster(IQRosterHandler. java:221)

at org.jivesoftware.wildfire.handler.IQRosterHandler.handleIQ(IQRosterHandler.java :104)

at org.jivesoftware.wildfire.handler.IQHandler.process(IQHandler.java:48)

at org.jivesoftware.wildfire.IQRouter.handle(IQRouter.java:268)

at org.jivesoftware.wildfire.IQRouter.route(IQRouter.java:96)

at org.jivesoftware.wildfire.spi.PacketRouterImpl.route(PacketRouterImpl.java:67)

at org.jivesoftware.wildfire.net.SocketReader.processIQ(SocketReader.java:250)

at org.jivesoftware.wildfire.net.ClientSocketReader.processIQ(ClientSocketReader.j ava:51)

at org.jivesoftware.wildfire.net.SocketReader.process(SocketReader.java:216)

at org.jivesoftware.wildfire.net.BlockingReadingMode.readStream(BlockingReadingMod e.java:156)

at org.jivesoftware.wildfire.net.BlockingReadingMode.run(BlockingReadingMode.java: 62)

at org.jivesoftware.wildfire.net.SocketReader.run(SocketReader.java:123)

at java.lang.Thread.run(Unknown Source)

Caused by: org.jivesoftware.wildfire.user.UserNotFoundException

at org.jivesoftware.wildfire.user.DefaultUserProvider.loadUser(DefaultUserProvider .java:79)

at org.jivesoftware.wildfire.user.UserManager.getUser(UserManager.java:186)

at org.jivesoftware.wildfire.handler.IQRosterHandler.manageRoster(IQRosterHandler. java:187)

… 12 more

LG1 · December 2, 2006, 9:57pm

aadaam wrote:

First, we tried to replace the \40 charactersequence (which is sent by Spark if you want to login with email@address), thought that caused an internal problem to wildfire, now we use a % replacement (so, email%address), but still does not work.

Hi,

where did cause the email address using “@” problems in Wildfire? I’'m quite sure that Gato would like to fix any problem if there is one.

I can’'t reproduce this error with the information you have given, user “foo%bar” can add “foobar%any” without a problem and chat.

LG

Adam_Nemeth · December 2, 2006, 10:17pm

The problem wasn’‘t about using @ or %, it was that we didn’‘t create a user with the userProvider -> it didn’‘t have any roster -> when Wildfire tried to add the new contact, couldn’'t find the roster to add to (presumably)

Now we use POP3Auth’‘s approach - we register the user with DefaultUserProvider and a random password, thus slowly making a copy of the original site’'s userdatabase (which should take up a few gigs…).

The next part is: could I add someone to my roster while he/she haven’‘t logged in into the jabber server? It’'s OK to send an e-mail or similiar if needed, but then the presence subscription should be automatic after first login. In fact, the site contains negotiated connections already. Should I post this in another thread, and close this one?

LG1 · December 2, 2006, 11:01pm

Hi,

it’'s always be a good idea to mark the Q as answered and create a new thread for a new Q but as you are asking:

If the other party did not register yet it will not receive the subscription request after registration. Maybe you want to modify the Subscription Plugin to intercept subscriptions and to create the needed users if they don’'t exist.

LG