If an unknown exception occurs during processing of (non-SASL) authentication, currently
no response is sent to the authentication IQ and the connection is left open. This is
likely to cause the client on the other end to hang indefinitely or at least for a long
time.
A typical reason for an exception occurring might be that an authentication server used
by an authentication provider isn’'t running or similar configuration problems.
The attached patch deals with this problem in the simplest possible way by closing
the connection after logging the error; variations or other possible techniques:
A) Write a stream error before closing the connection. I didn’'t do this mostly to
keep things short. Providing internal-server-error stanza doesn’'t really give significant
additional information, but would be a little cleaner.
B) Instead of closing the connection, respond to the IQ with an error
The issue with this is that even if the error is an internal-server-error, it’'s
likely that the client will prompt the user to retry logging in, which could be
confusing.
Index: src/java/org/jivesoftware/wildfire/handler/IQAuthHandler.java
===================================================================
— src/java/org/jivesoftware/wildfire/handler/IQAuthHandler.java (revision 1808)
+++ src/java/org/jivesoftware/wildfire/handler/IQAuthHandler.java (working copy)
@@ -162,6 +162,7 @@
}
catch (Exception e) {
Log.error(“Error handling authentication IQ packet”, e);
-
sessionManager.getSession(packet.getFrom()).getConnection().close();
}
return null;
}
@@ -212,6 +213,7 @@
}
catch (Exception e) {
Log.error(“Error during login”, e);
-
session.getConnection().close();
}
}
// If the connection was not refused due to conflict, log the user in