[ trivial patch ] close connection on exception during authentication

If an unknown exception occurs during processing of (non-SASL) authentication, currently

no response is sent to the authentication IQ and the connection is left open. This is

likely to cause the client on the other end to hang indefinitely or at least for a long


A typical reason for an exception occurring might be that an authentication server used

by an authentication provider isn’'t running or similar configuration problems.

The attached patch deals with this problem in the simplest possible way by closing

the connection after logging the error; variations or other possible techniques:

A) Write a stream error before closing the connection. I didn’'t do this mostly to

keep things short. Providing internal-server-error stanza doesn’'t really give significant

additional information, but would be a little cleaner.

B) Instead of closing the connection, respond to the IQ with an error

The issue with this is that even if the error is an internal-server-error, it’'s

likely that the client will prompt the user to retry logging in, which could be


Index: src/java/org/jivesoftware/wildfire/handler/IQAuthHandler.java


— src/java/org/jivesoftware/wildfire/handler/IQAuthHandler.java (revision 1808)

+++ src/java/org/jivesoftware/wildfire/handler/IQAuthHandler.java (working copy)

@@ -162,6 +162,7 @@


catch (Exception e) {

Log.error(“Error handling authentication IQ packet”, e);

  •        sessionManager.getSession(packet.getFrom()).getConnection().close();


return null;


@@ -212,6 +213,7 @@


catch (Exception e) {

Log.error(“Error during login”, e);

  •            session.getConnection().close();



// If the connection was not refused due to conflict, log the user in

Hey Owen,

Thanks for the bug fix. I created JM-638 for this problem and checked in a fix that will be available in the next nightly build.


– Gato