You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-dev@james.apache.org by no...@apache.org on 2011/05/03 16:23:17 UTC
svn commit: r1099069 - in /james/server/trunk:
container-spring/src/main/config/james/
imapserver/src/main/java/org/apache/james/imapserver/netty/
Author: norman
Date: Tue May 3 14:23:17 2011
New Revision: 1099069
URL: http://svn.apache.org/viewvc?rev=1099069&view=rev
Log:
Add support for LOGINDISABLED as stated in rfc3501 via plainAuthDisallowed configuration. This completes IMAP-304
Modified:
james/server/trunk/container-spring/src/main/config/james/imapserver.xml
james/server/trunk/imapserver/src/main/java/org/apache/james/imapserver/netty/IMAPServer.java
james/server/trunk/imapserver/src/main/java/org/apache/james/imapserver/netty/ImapChannelUpstreamHandler.java
james/server/trunk/imapserver/src/main/java/org/apache/james/imapserver/netty/NettyImapSession.java
Modified: james/server/trunk/container-spring/src/main/config/james/imapserver.xml
URL: http://svn.apache.org/viewvc/james/server/trunk/container-spring/src/main/config/james/imapserver.xml?rev=1099069&r1=1099068&r2=1099069&view=diff
==============================================================================
--- james/server/trunk/container-spring/src/main/config/james/imapserver.xml (original)
+++ james/server/trunk/container-spring/src/main/config/james/imapserver.xml Tue May 3 14:23:17 2011
@@ -25,9 +25,14 @@
<connectionBacklog>200</connectionBacklog>
<tls socketTLS="false" startTLS="false">
</tls>
+
+ <!-- Disallow plain authenticate / login. So any client will need to STARTTLS before try to login -->
+ <!-- or the socket must be using TLS in general -->
+ <plainAuthDisallowed>false</plainAuthDisallowed>
+
<!-- COMPRESS extension -->
<compress>false</compress>
-
+
<!-- Maximal allowed line-length before a BAD response will get returned to the client -->
<!-- This should be set with caution as a to high value can make the server a target for DOS! -->
<maxLineLength>65536</maxLineLength>
Modified: james/server/trunk/imapserver/src/main/java/org/apache/james/imapserver/netty/IMAPServer.java
URL: http://svn.apache.org/viewvc/james/server/trunk/imapserver/src/main/java/org/apache/james/imapserver/netty/IMAPServer.java?rev=1099069&r1=1099068&r2=1099069&view=diff
==============================================================================
--- james/server/trunk/imapserver/src/main/java/org/apache/james/imapserver/netty/IMAPServer.java (original)
+++ james/server/trunk/imapserver/src/main/java/org/apache/james/imapserver/netty/IMAPServer.java Tue May 3 14:23:17 2011
@@ -66,6 +66,8 @@ public class IMAPServer extends Abstract
private int maxLineLength;
private int inMemorySizeLimit;
+
+ private boolean plainAuthDisallowed;
@@ -97,6 +99,7 @@ public class IMAPServer extends Abstract
compress = configuration.getBoolean("compress", false);
maxLineLength = configuration.getInt("maxLineLength", DEFAULT_MAX_LINE_LENGTH);
inMemorySizeLimit = configuration.getInt("inMemorySizeLimit", DEFAULT_IN_MEMORY_SIZE_LIMIT);
+ plainAuthDisallowed = configuration.getBoolean("plainAuthDisallowed", false);
}
/*
@@ -174,9 +177,9 @@ public class IMAPServer extends Abstract
protected ChannelUpstreamHandler createCoreHandler() {
ImapChannelUpstreamHandler coreHandler;
if (isStartTLSSupported()) {
- coreHandler = new ImapChannelUpstreamHandler(hello, processor, encoder, getLogger(), compress, getSSLContext(), getEnabledCipherSuites());
+ coreHandler = new ImapChannelUpstreamHandler(hello, processor, encoder, getLogger(), compress, plainAuthDisallowed, getSSLContext(), getEnabledCipherSuites());
} else {
- coreHandler = new ImapChannelUpstreamHandler(hello, processor, encoder, getLogger(), compress);
+ coreHandler = new ImapChannelUpstreamHandler(hello, processor, encoder, getLogger(), compress, plainAuthDisallowed);
}
return coreHandler;
}
Modified: james/server/trunk/imapserver/src/main/java/org/apache/james/imapserver/netty/ImapChannelUpstreamHandler.java
URL: http://svn.apache.org/viewvc/james/server/trunk/imapserver/src/main/java/org/apache/james/imapserver/netty/ImapChannelUpstreamHandler.java?rev=1099069&r1=1099068&r2=1099069&view=diff
==============================================================================
--- james/server/trunk/imapserver/src/main/java/org/apache/james/imapserver/netty/ImapChannelUpstreamHandler.java (original)
+++ james/server/trunk/imapserver/src/main/java/org/apache/james/imapserver/netty/ImapChannelUpstreamHandler.java Tue May 3 14:23:17 2011
@@ -64,12 +64,14 @@ public class ImapChannelUpstreamHandler
private ImapEncoder encoder;
private final ImapHeartbeatHandler heartbeatHandler = new ImapHeartbeatHandler();
+
+ private boolean plainAuthDisallowed;
- public ImapChannelUpstreamHandler(final String hello, final ImapProcessor processor, ImapEncoder encoder, final Logger logger, boolean compress) {
- this(hello, processor, encoder, logger, compress, null, null);
+ public ImapChannelUpstreamHandler(final String hello, final ImapProcessor processor, ImapEncoder encoder, final Logger logger, boolean compress, boolean plainAuthDisallowed) {
+ this(hello, processor, encoder, logger, compress, plainAuthDisallowed, null, null);
}
- public ImapChannelUpstreamHandler(final String hello, final ImapProcessor processor, ImapEncoder encoder, final Logger logger, boolean compress, SSLContext context, String[] enabledCipherSuites) {
+ public ImapChannelUpstreamHandler(final String hello, final ImapProcessor processor, ImapEncoder encoder, final Logger logger, boolean compress, boolean plainAuthDisallowed, SSLContext context, String[] enabledCipherSuites) {
this.logger = logger;
this.hello = hello;
this.processor = processor;
@@ -77,6 +79,7 @@ public class ImapChannelUpstreamHandler
this.context = context;
this.enabledCipherSuites = enabledCipherSuites;
this.compress = compress;
+ this.plainAuthDisallowed = plainAuthDisallowed;
}
private Logger getLogger(Channel channel) {
@@ -86,7 +89,8 @@ public class ImapChannelUpstreamHandler
@Override
public void channelBound(final ChannelHandlerContext ctx, ChannelStateEvent e) throws Exception {
- ImapSession imapsession = new NettyImapSession(ctx, logger, context, enabledCipherSuites, compress);
+ // TODO: make this configurable
+ ImapSession imapsession = new NettyImapSession(ctx, logger, context, enabledCipherSuites, compress, plainAuthDisallowed);
attributes.set(ctx.getChannel(), imapsession);
super.channelBound(ctx, e);
}
Modified: james/server/trunk/imapserver/src/main/java/org/apache/james/imapserver/netty/NettyImapSession.java
URL: http://svn.apache.org/viewvc/james/server/trunk/imapserver/src/main/java/org/apache/james/imapserver/netty/NettyImapSession.java?rev=1099069&r1=1099068&r2=1099069&view=diff
==============================================================================
--- james/server/trunk/imapserver/src/main/java/org/apache/james/imapserver/netty/NettyImapSession.java (original)
+++ james/server/trunk/imapserver/src/main/java/org/apache/james/imapserver/netty/NettyImapSession.java Tue May 3 14:23:17 2011
@@ -47,13 +47,15 @@ public class NettyImapSession implements
private SessionLog log;
private ChannelHandlerContext context;
private int handlerCount;
+ private boolean plainAuthDisallowed;
- public NettyImapSession(ChannelHandlerContext context, Logger log, SSLContext sslContext, String[] enabledCipherSuites, boolean compress) {
+ public NettyImapSession(ChannelHandlerContext context, Logger log, SSLContext sslContext, String[] enabledCipherSuites, boolean compress, boolean plainAuthDisallowed) {
this.context = context;
this.log = new SessionLog(context.getChannel().getId() + "", log);
this.sslContext = sslContext;
this.enabledCipherSuites = enabledCipherSuites;
this.compress = compress;
+ this.plainAuthDisallowed = plainAuthDisallowed;
}
/**
@@ -260,4 +262,20 @@ public class NettyImapSession implements
return log;
}
+ /*
+ * (non-Javadoc)
+ * @see org.apache.james.imap.api.process.ImapSession#isPlainAuthDisallowed()
+ */
+ public boolean isPlainAuthDisallowed() {
+ return plainAuthDisallowed;
+ }
+
+ /*
+ * (non-Javadoc)
+ * @see org.apache.james.imap.api.process.ImapSession#isTLSActive()
+ */
+ public boolean isTLSActive() {
+ return context.getPipeline().get(SSL_HANDLER) != null;
+ }
+
}
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org