You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mina.apache.org by be...@apache.org on 2010/12/28 14:13:09 UTC
svn commit: r1053343 - in /mina/vysper/trunk/server/core/src/main:
config/spring-config.xml java/org/apache/vysper/spring/AddUserHelper.java
java/org/apache/vysper/xmpp/server/ServerMain.java
Author: berndf
Date: Tue Dec 28 13:13:08 2010
New Revision: 1053343
URL: http://svn.apache.org/viewvc?rev=1053343&view=rev
Log:
make the default Vysper install sufficiently secure: use random passwords.
Modified:
mina/vysper/trunk/server/core/src/main/config/spring-config.xml
mina/vysper/trunk/server/core/src/main/java/org/apache/vysper/spring/AddUserHelper.java
mina/vysper/trunk/server/core/src/main/java/org/apache/vysper/xmpp/server/ServerMain.java
Modified: mina/vysper/trunk/server/core/src/main/config/spring-config.xml
URL: http://svn.apache.org/viewvc/mina/vysper/trunk/server/core/src/main/config/spring-config.xml?rev=1053343&r1=1053342&r2=1053343&view=diff
==============================================================================
--- mina/vysper/trunk/server/core/src/main/config/spring-config.xml (original)
+++ mina/vysper/trunk/server/core/src/main/config/spring-config.xml Tue Dec 28 13:13:08 2010
@@ -28,13 +28,18 @@
<!-- choose one of the storage registries -->
<alias name="inmemoryStorageRegistry" alias="storageRegistry" />
- <!-- default users; remove if you have persistently stored users -->
+ <!-- default users; remove if you have persistently stored users
+ NOTE: if passwords are empty, random passwords are generated and printed on the console
+ So, your default install of Vysper is secure from the very beginning
+ -->
<bean id="addUsers" class="org.apache.vysper.spring.AddUserHelper">
<constructor-arg index="0">
<map>
- <entry key="user1@vysper.org" value="password1" />
- <entry key="user2@vysper.org" value="password1" />
- <entry key="user3@vysper.org" value="password1" />
+ <entry key="admin@vysper.org" value="" />
+ <entry key="user1@vysper.org" value="" />
+ <entry key="user2@vysper.org" value="" />
+ <entry key="user3@vysper.org" value="" />
+ <!--<entry key="admin@vysper.org" value="CHOOSE A SECURE PASSWORD OR LEAVE EMPTY" />-->
</map>
</constructor-arg>
<property name="storageProviderRegistry" ref="storageRegistry" />
@@ -76,6 +81,12 @@
<bean class="org.apache.vysper.xmpp.modules.extension.xep0054_vcardtemp.VcardTempModule" />
<bean class="org.apache.vysper.xmpp.modules.extension.xep0119_xmppping.XmppPingModule" />
<bean class="org.apache.vysper.xmpp.modules.extension.xep0049_privatedata.PrivateDataModule" />
+ <bean class="org.apache.vysper.xmpp.modules.extension.xep0050_adhoc_commands.AdhocCommandsModule" />
+ <bean class="org.apache.vysper.xmpp.modules.extension.xep0133_service_administration.ServiceAdministrationModule" >
+ <property name="addAdmins">
+ <list><value>admin@vysper.org</value></list>
+ </property>
+ </bean>
<!-- below some more modules which are available as separately-built jars.
make sure they are on the classpath when enabling them or remove the beans below,
depending on the features your server should expose -->
Modified: mina/vysper/trunk/server/core/src/main/java/org/apache/vysper/spring/AddUserHelper.java
URL: http://svn.apache.org/viewvc/mina/vysper/trunk/server/core/src/main/java/org/apache/vysper/spring/AddUserHelper.java?rev=1053343&r1=1053342&r2=1053343&view=diff
==============================================================================
--- mina/vysper/trunk/server/core/src/main/java/org/apache/vysper/spring/AddUserHelper.java (original)
+++ mina/vysper/trunk/server/core/src/main/java/org/apache/vysper/spring/AddUserHelper.java Tue Dec 28 13:13:08 2010
@@ -22,6 +22,8 @@ package org.apache.vysper.spring;
import java.util.HashMap;
import java.util.Map;
+import org.apache.commons.lang.RandomStringUtils;
+import org.apache.commons.lang.StringUtils;
import org.apache.vysper.storage.StorageProviderRegistry;
import org.apache.vysper.xmpp.addressing.EntityFormatException;
import org.apache.vysper.xmpp.addressing.EntityImpl;
@@ -48,7 +50,12 @@ public class AddUserHelper {
for (String user : userPasswordMap.keySet()) {
if (!accountManagement.verifyAccountExists(EntityImpl.parse(user))) {
- accountManagement.addUser(user, userPasswordMap.get(user));
+ String password = userPasswordMap.get(user);
+ if (StringUtils.isEmpty(password)) {
+ password = RandomStringUtils.randomAlphanumeric(8);
+ }
+ accountManagement.addUser(user, password);
+ System.out.println(user + " user has been added with random password: '" + password + "'");
}
}
}
Modified: mina/vysper/trunk/server/core/src/main/java/org/apache/vysper/xmpp/server/ServerMain.java
URL: http://svn.apache.org/viewvc/mina/vysper/trunk/server/core/src/main/java/org/apache/vysper/xmpp/server/ServerMain.java?rev=1053343&r1=1053342&r2=1053343&view=diff
==============================================================================
--- mina/vysper/trunk/server/core/src/main/java/org/apache/vysper/xmpp/server/ServerMain.java (original)
+++ mina/vysper/trunk/server/core/src/main/java/org/apache/vysper/xmpp/server/ServerMain.java Tue Dec 28 13:13:08 2010
@@ -19,11 +19,7 @@
*/
package org.apache.vysper.xmpp.server;
-import java.io.File;
-import java.io.FileNotFoundException;
-import java.util.ArrayList;
-import java.util.List;
-
+import org.apache.commons.lang.RandomStringUtils;
import org.apache.vysper.mina.TCPEndpoint;
import org.apache.vysper.storage.StorageProviderRegistry;
import org.apache.vysper.storage.inmemory.MemoryStorageProviderRegistry;
@@ -33,11 +29,19 @@ import org.apache.vysper.xmpp.authorizat
import org.apache.vysper.xmpp.authorization.AccountManagement;
import org.apache.vysper.xmpp.modules.Module;
import org.apache.vysper.xmpp.modules.extension.xep0049_privatedata.PrivateDataModule;
+import org.apache.vysper.xmpp.modules.extension.xep0050_adhoc_commands.AdhocCommandsModule;
import org.apache.vysper.xmpp.modules.extension.xep0054_vcardtemp.VcardTempModule;
import org.apache.vysper.xmpp.modules.extension.xep0092_software_version.SoftwareVersionModule;
import org.apache.vysper.xmpp.modules.extension.xep0119_xmppping.XmppPingModule;
+import org.apache.vysper.xmpp.modules.extension.xep0133_service_administration.ServiceAdministrationModule;
import org.apache.vysper.xmpp.modules.extension.xep0202_entity_time.EntityTimeModule;
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
/**
* starts the server as a standalone application
*
@@ -56,6 +60,8 @@ public class ServerMain {
*/
public static void main(String[] args) throws AccountCreationException, EntityFormatException, FileNotFoundException {
+ String domain = "vysper.org";
+
String addedModuleProperty = System.getProperty("vysper.add.module");
List<Module> listOfModules = null;
if (addedModuleProperty != null) {
@@ -67,20 +73,17 @@ public class ServerMain {
//StorageProviderRegistry providerRegistry = new JcrStorageProviderRegistry();
StorageProviderRegistry providerRegistry = new MemoryStorageProviderRegistry();
+ final String adminJID = "admin@" + domain;
final AccountManagement accountManagement = (AccountManagement) providerRegistry
.retrieve(AccountManagement.class);
- if (!accountManagement.verifyAccountExists(EntityImpl.parse("user1@vysper.org"))) {
- accountManagement.addUser("user1@vysper.org", "password1");
- }
- if (!accountManagement.verifyAccountExists(EntityImpl.parse("user2@vysper.org"))) {
- accountManagement.addUser("user2@vysper.org", "password1");
- }
- if (!accountManagement.verifyAccountExists(EntityImpl.parse("user3@vysper.org"))) {
- accountManagement.addUser("user3@vysper.org", "password1");
+ if (!accountManagement.verifyAccountExists(EntityImpl.parse(adminJID))) {
+ final String randomPassword = RandomStringUtils.randomAlphanumeric(8);
+ accountManagement.addUser(adminJID, randomPassword);
+ System.out.println(adminJID + " user has been added with random password: '" + randomPassword + "'");
}
- XMPPServer server = new XMPPServer("vysper.org");
+ XMPPServer server = new XMPPServer(domain);
server.addEndpoint(new TCPEndpoint());
//server.addEndpoint(new StanzaSessionFactory());
server.setStorageProviderRegistry(providerRegistry);
@@ -99,6 +102,11 @@ public class ServerMain {
server.addModule(new VcardTempModule());
server.addModule(new XmppPingModule());
server.addModule(new PrivateDataModule());
+ server.addModule(new AdhocCommandsModule());
+ final ServiceAdministrationModule serviceAdministrationModule = new ServiceAdministrationModule();
+ // unless admin user account with a secure password is added, this will be not become effective
+ serviceAdministrationModule.setAddAdmins(Arrays.asList(adminJID));
+ server.addModule(serviceAdministrationModule);
if (listOfModules != null) {
for (Module module : listOfModules) {