<%--
- $Revision$
- $Date$
-
- Copyright (C) 2004-2008 Jive Software. All rights reserved.
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--%>
<%@ page import="org.jivesoftware.openfire.Connection,
org.jivesoftware.openfire.ConnectionManager,
org.jivesoftware.openfire.XMPPServer,
org.jivesoftware.openfire.server.ServerDialback,
org.jivesoftware.openfire.session.LocalClientSession,
org.jivesoftware.util.JiveGlobals"
errorPage="error.jsp"
%>
<%@ page import="org.jivesoftware.util.ParamUtils" %>
<%@ taglib uri="http://java.sun.com/jstl/core_rt" prefix="c" %>
<%@ taglib uri="http://java.sun.com/jstl/fmt_rt" prefix="fmt" %>
<% webManager.init(request, response, session, application, out ); %>
<% try { %>
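<% // Get parameters:
// NOTE(review): the mere presence of an "update" parameter triggers the state change
// below. This scriptlet checks neither the HTTP method nor an anti-CSRF token, so
// confirm that the admin console enforces both before this page is reached.
// NOTE(review): this code runs inside the page-level try block whose catch only calls
// printStackTrace(). If a call below throws, settings applied up to that point stay in
// effect, the audit event at the end is never written and the exception is not propagated.
boolean update = request.getParameter("update") != null;
boolean success = ParamUtils.getBooleanParameter(request, "success");

// Client configuration parameters
String clientSecurityRequired = ParamUtils.getParameter(request, "clientSecurityRequired");
String ssl = ParamUtils.getParameter(request, "ssl");
String tls = ParamUtils.getParameter(request, "tls");

// Server configuration parameters
String serverSecurityRequired = ParamUtils.getParameter(request, "serverSecurityRequired");
String dialback = ParamUtils.getParameter(request, "dialback");
String server_tls = ParamUtils.getParameter(request, "server_tls");
// Presumably false when the field is absent from the request - TODO confirm against ParamUtils.
boolean selfSigned = ParamUtils.getBooleanParameter(request, "selfSigned");

if (update) {
    ConnectionManager manager = XMPPServer.getInstance().getConnectionManager();

    // ---- Client connections ----
    // An unrecognised or missing clientSecurityRequired value changes nothing on the
    // client side; the request is still reported as successful further down.
    if ("req".equals(clientSecurityRequired)) {
        // User selected that security is required
        // Enable 5222 port and make TLS required
        manager.enableClientListener(true);
        LocalClientSession.setTLSPolicy(Connection.TLSPolicy.required);
        // Enable 5223 port (old SSL port)
        manager.enableClientSSLListener(true);
    } else if ("notreq".equals(clientSecurityRequired)) {
        // User selected that security is NOT required
        // Enable 5222 port and make TLS optional
        manager.enableClientListener(true);
        LocalClientSession.setTLSPolicy(Connection.TLSPolicy.optional);
        // Enable 5223 port (old SSL port)
        manager.enableClientSSLListener(true);
    } else if ("custom".equals(clientSecurityRequired)) {
        // User selected custom client authentication
        // Enable or disable 5223 port (old SSL port)
        manager.enableClientSSLListener("available".equals(ssl));
        // Enable port 5222 and configure TLS policy
        manager.enableClientListener(true);
        if ("notavailable".equals(tls)) {
            // Security downgrade: the client TLS policy is set to disabled.
            LocalClientSession.setTLSPolicy(Connection.TLSPolicy.disabled);
        } else if ("optional".equals(tls)) {
            LocalClientSession.setTLSPolicy(Connection.TLSPolicy.optional);
        } else {
            // Fails closed: any other value, including a missing parameter, means required.
            LocalClientSession.setTLSPolicy(Connection.TLSPolicy.required);
        }
    }

    // ---- Server-to-server (s2s) connections ----
    if ("req".equals(serverSecurityRequired)) {
        // User selected that security for s2s is required
        // Enable TLS and disable server dialback
        manager.enableServerListener(true);
        JiveGlobals.setProperty("xmpp.server.tls.enabled", "true");
        JiveGlobals.setProperty("xmpp.server.dialback.enabled", "false");
    } else if ("notreq".equals(serverSecurityRequired)) {
        // User selected that security for s2s is NOT required
        // Enable TLS and enable server dialback
        manager.enableServerListener(true);
        JiveGlobals.setProperty("xmpp.server.tls.enabled", "true");
        JiveGlobals.setProperty("xmpp.server.dialback.enabled", "true");
    } else if ("custom".equals(serverSecurityRequired)) {
        // User selected custom server authentication
        boolean dialbackEnabled = "available".equals(dialback);
        // NOTE(review): unlike the client branch above, this one fails open. Only the
        // exact value "optional" keeps TLS on; a missing or unrecognised server_tls
        // value turns s2s TLS off.
        boolean tlsEnabled = "optional".equals(server_tls);
        if (dialbackEnabled || tlsEnabled) {
            manager.enableServerListener(true);
            // Enable or disable server dialback
            JiveGlobals.setProperty("xmpp.server.dialback.enabled", dialbackEnabled ? "true" : "false");
            // Enable or disable TLS for s2s connections
            JiveGlobals.setProperty("xmpp.server.tls.enabled", tlsEnabled ? "true" : "false");
        } else {
            // Neither mechanism is selected, so the s2s listener is switched off.
            manager.enableServerListener(false);
            // Disable server dialback
            JiveGlobals.setProperty("xmpp.server.dialback.enabled", "false");
            // Disable TLS for s2s connections
            JiveGlobals.setProperty("xmpp.server.tls.enabled", "false");
        }
    }

    // Applied on every update, whichever presets were chosen above.
    ServerDialback.setEnabledForSelfSigned(selfSigned);
    success = true;

    // Log the event. The first two lines are the original audit detail. The client TLS
    // policy, the legacy SSL listener state and the self-signed switch are appended so
    // that a client-side downgrade also leaves a trace in the audit log.
    webManager.logEvent("updated SSL configuration",
            "xmpp.server.dialback.enabled = " + JiveGlobals.getProperty("xmpp.server.dialback.enabled")
            + "\nxmpp.server.tls.enabled = " + JiveGlobals.getProperty("xmpp.server.tls.enabled")
            + "\nLocalClientSession.getTLSPolicy = " + LocalClientSession.getTLSPolicy()
            + "\nclientSSLListenerEnabled = " + manager.isClientSSLListenerEnabled()
            + "\nServerDialback.isEnabledForSelfSigned = " + ServerDialback.isEnabledForSelfSigned());
}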
// Set page vars: map the live client-listener state back onto the form's
// preset ("req" / "notreq" / "custom") and its individual ssl / tls fields.
ConnectionManager connectionManager = XMPPServer.getInstance().getConnectionManager();
if (!connectionManager.isClientListenerEnabled() || !connectionManager.isClientSSLListenerEnabled()) {
    // At least one client listener is off, so no preset matches: report "custom".
    clientSecurityRequired = "custom";
    if (connectionManager.isClientSSLListenerEnabled()) {
        ssl = "available";
    } else {
        ssl = "notavailable";
    }
    if (Connection.TLSPolicy.disabled.equals(LocalClientSession.getTLSPolicy())) {
        tls = "notavailable";
    } else {
        // Any policy other than disabled is shown by its own string form.
        tls = LocalClientSession.getTLSPolicy().toString();
    }
} else {
    // Both client listeners are on, so the legacy SSL port is always "available".
    ssl = "available";
    if (Connection.TLSPolicy.required.equals(LocalClientSession.getTLSPolicy())) {
        clientSecurityRequired = "req";
        tls = "required";
    } else if (Connection.TLSPolicy.optional.equals(LocalClientSession.getTLSPolicy())) {
        clientSecurityRequired = "notreq";
        tls = "optional";
    } else {
        // Policy is neither required nor optional: shown as custom with TLS not available.
        clientSecurityRequired = "custom";
        tls = "notavailable";
    }
}
// Map the stored s2s properties back onto the form's preset and fields.
// The second argument is presumably the value used when the property is unset, which
// would make TLS and dialback both read as enabled on a fresh install - TODO confirm.
boolean tlsEnabled = JiveGlobals.getBooleanProperty("xmpp.server.tls.enabled", true);
boolean dialbackEnabled = JiveGlobals.getBooleanProperty("xmpp.server.dialback.enabled", true);

// The two detail fields depend only on their own flag.
dialback = dialbackEnabled ? "available" : "notavailable";
server_tls = tlsEnabled ? "optional" : "notavailable";

if (!tlsEnabled) {
    // TLS is off for s2s: no preset matches, whatever the dialback flag is.
    serverSecurityRequired = "custom";
} else if (dialbackEnabled) {
    // TLS and dialback both on: the "security not required" preset.
    serverSecurityRequired = "notreq";
} else {
    // TLS on, dialback off: the "security required" preset.
    serverSecurityRequired = "req";
}

selfSigned = ServerDialback.isEnabledForSelfSigned();
%>
<% if (success) { %>
<% } else if (ParamUtils.getBooleanParameter(request,"deletesuccess")) { %>
<% } %>
<% } catch (Throwable t) { t.printStackTrace(); } %>