mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bernd Fondermann <bernd.fonderm...@googlemail.com>
Subject Re: Vysper stanza filtering
Date Wed, 04 Jan 2012 15:28:11 GMT
On Tue, Jan 3, 2012 at 19:58, Mike Mahoney <mike.mahoney@thingworx.com> wrote:
> Hey Everyone,
> I recently wrote a simple stanza filtering framework for Vysper and was wondering if
there would be interest in merging it in.  Here is how it works:
> There is one key interface, a StanzaFilter:
> //
> // StanzaFilter interface
> //
> package org.apache.vysper.xmpp.filter;
> import org.apache.vysper.xmpp.server.ServerRuntimeContext;
> import org.apache.vysper.xmpp.server.SessionContext;
> import org.apache.vysper.xmpp.stanza.Stanza;
> public interface StanzaFilter {
>    public Stanza accept(ServerRuntimeContext context, SessionContext session, Stanza
> }
> A filter implementation's accept method should return null if the filter fails, or a
stanza in the case of success.
> There is also a FIlterChain, which implements StanzaFilter, but also holds a collection
of filters.  This allows you to create a single chain that executes a number of filters.
> I added a FilterChain to both XMPPServer and ServerRuntimeContext.  This allows a user
to add Filters via a XMPPServer.addStanzaFilter() method prior to starting the server.  The
Server puts the filters into its FilterChain and then passes the chain into the ServerRuntimeContext
when the server is started.
> Then I added the following to ProtocolWorker to actually execute the filters.  Keep
in mind that serverRuntimeContext.getFilter() returns a chain and therefore may actually run
several filters.  The default filter (if none are added) simply returns the original stanza.
> public void processStanza(ServerRuntimeContext serverRuntimeContext, SessionContext sessionContext,
Stanza stanza,
>            SessionStateHolder sessionStateHolder) {
>        if (stanza == null)
>            throw new RuntimeException("cannot process NULL stanzas");
>        // Only process the filters for a session once it has authenticated
>        if (sessionContext != null && sessionContext.getState() == SessionState.AUTHENTICATED)
>            stanza = serverRuntimeContext.getFilter().accept(serverRuntimeContext,
sessionContext, stanza);
>            if (stanza == null) return;
>        }
>        <snip>
> I also wrote some classes that extend FilterChain for specific stanza types:  IQFilterChain,
PresenceFilterChain, and MessageFilterChain.  These will only run their filters on stanzas
that match their type.
> Any thoughts/concerns about this implementation?  If there is interest I will put together
a patch and submit it.
> Thanks,
> Mike

-0 for the general idea.

XMPP is easily extensible and offers all neccessary mechanisms to
build own applications while creating a tight, secure, robust and
interoperable framework. So I wouldn't recommend users to use their
own filters the same way I wouldn't generally recommend anyone to add
their own methods to HTTP. But maybe there's an use case that got
passed me, and I'm not active on Vysper right now, so please go ahead.
Also, maybe I don't understand the proposed concept properly.

However, I would be very strict which stanzas could be filtered in
which session states, just like it is right now (I hope). The given
code suggests that this is already your intention, exposing the filter
chain only for the AUTHENTICATED session state.
Otherwise, badly implemented filters could easily create security
holes, for example let slipping past weak authentication (like SASL
PLAIN) while the session is still unencrypted.


View raw message