InterceptorManager
PluginManager
openfire 插件的中servlet 在web-custom.xml 中的配置 url 一定要小写,访问时不区别大写小 否则404
如:
<servlet>
<servlet-name>Sample1Servlet</servlet-name>
<servlet-class>com.myyule.openfire.plugin.Sample1Servlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Sample1Servlet</servlet-name>
<url-pattern>/servlet1</url-pattern>
<!-- 此处一定要小写,访问时大小时无关,否则404
http://127.0.0.1:9090/plugins/sample/ServLet1 也可以访问成功
-->
</servlet-mapping>
自定用户表:
--设置JDBC连接方式
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcProvider.connectionString',
'jdbc:oracle:thin:@10.35.246.178:1521:orcl');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcProvider.driver', 'oracle.jdbc.driver.OracleDriver');
--设置管理员账号
insert into OFPROPERTY (NAME, PROPVALUE)
values ('admin.authorizedJIDs', 'admin@localhost');
--自定义用户认证
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcAuthProvider.useConnectionProvider', 'true');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcAuthProvider.passwordSQL', 'select ''123456'' as pwd from
t_sys_user t where t.code=?');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcAuthProvider.passwordType', 'plain');
--自定义用户管理
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcUserProvider.allUsersSQL', 'select code from t_sys_user
t');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcUserProvider.nameField', 'name');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcUserProvider.searchSQL', 'select code from t_sys_user t
where code=?');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcUserProvider.useConnectionProvider', 'true');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcUserProvider.emailField', 'email');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcUserProvider.userCountSQL', 'select count(*) from
t_sys_user t');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcUserProvider.loadUserSQL', 'select t.name,t.email,t.code
from t_sys_user t where t.code=?');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcUserProvider.usernameField', 'code');
--使用不同的数据源
update OFPROPERTY set
PROPVALUE='org.jivesoftware.openfire.user.JDBCUserProvider'
where NAME='provider.user.className';
update OFPROPERTY set
PROPVALUE='org.jivesoftware.openfire.auth.JDBCAuthProvider'
where NAME='provider.auth.className';
commit;
openfire 包错误 的类型与情形
在 org.xmpp.packet.PacketError 类中
Type:可用的类型:
Error.Type. cancel --do not retry (the error is unrecoverable).
不要重试(错误是不可恢复)
Error.Type. continue_processing -- proceed (the condition was only a warning). Equivalent to the XMPP error type "continue".
继续(条件只有一个警告)。这表示存在"continue"错误代码在XMPP中; 因为"continue"在Java中是保留的关键字(enum的名称已被更改)。
Error.Type. modify -- retry after changing the data sent.
更改发送数据后重试。
Eror.Type. auth -- retry after providing credentials.
提供凭据后重试。
Error.Type. wait -- retry after waiting (the error is temporary).
等待后重试(错误是暂时的)。
Condition 安全 枚举 类型的错误条件:
bad_request("bad-request", Type.modify, 400),
/**
* 发件人发送的XML是不正确格式或不能处理的
*(例如,一个IQ节,其中包括一个无法识别的'type'属性) ;
* 关联的错误类型应该为"modify"。
*
* The sender has sent XML that is malformed or that cannot be processed
* (e.g., an IQ stanza that includes an unrecognized value of the 'type'
* attribute); the associated error type SHOULD be "modify".
*/
conflict("conflict", Type.cancel, 409),
/**
* 访问不能被授权,因为一个正存在的资源或会话与原来存在的名称或地址相同;
* 关联的错误类型应该为"cancel" 。
*
* Access cannot be granted because an existing resource or session
* exists with the same name or address; the associated error type
* SHOULD be "cancel".
*/
feature_not_implemented("feature-not-implemented", Type.cancel, 501),
/**
* 请求的功能没有被由收件人或服务器实现,因此不能被处理;
* 关联的错误类型应该为"cancel" 。
*
* The feature requested is not implemented by the recipient or
* server and therefore cannot be processed; the associated error
* type SHOULD be "cancel".
*/
forbidden("forbidden", Type.auth, 403),
/**
* 正在请求的实体不具备所需的权限来完成操作;
* 关联的错误类型应该为"auth" 。
*
* The requesting entity does not possess the required permissions to
* perform the action; the associated error type SHOULD be "auth".
*/
gone("gone", Type.modify, 302),
/**
* 接受者或服务器不再使用这个地址进行联系(在XML字符数据的<gone/>元素中,这个错误节可以包含一个新的地址) ;
* 关联的错误类型应该为"modify"。
*
* The recipient or server can no longer be contacted at this address
* (the error stanza MAY contain a new address in the XML character
* data of the <gone/> element); the associated error type SHOULD be
* "modify".
*/
internal_server_error("internal-server-error", Type.wait, 500),
/**
* 服务器无法处理节,因为配置错误或其他未定义的内部服务器错误;
* 关联的错误类型应该为"wait"。
*
* The server could not process the stanza because of a misconfiguration
* or an otherwise-undefined internal server error; the associated error
* type SHOULD be "wait".
*/
item_not_found("item-not-found", Type.cancel, 404),
/**
* 无法找到需要的JID地址 或 item(项目)
* 关联的错误类型应该为"cancel"。
*
* The addressed JID or item requested cannot be found; the associated
* error type SHOULD be "cancel".
*/
jid_malformed("jid-malformed", Type.modify, 400),
/**
* 发送实体提供或连接到一个XMPP地址(例如, 'to'属性的值)或由于这方面(例如,资源标识符)
* 在在寻址方案中不遵守的已定义的语法(第3节)
* 关联的错误类型应该为"modify"。
*
* The sending entity has provided or communicated an XMPP address
* (e.g., a value of the 'to' attribute) or aspect thereof (e.g.,
* a resource identifier) that does not adhere to the syntax defined
* in Addressing Scheme (Section 3); the associated error type SHOULD
* be "modify".
*/
not_acceptable("not-acceptable", Type.modify, 406),
/**
* 接收者或服务器不理解该请求,而拒绝处理它,因为它不符合被接收者或服务器定义的标准
* (例如,一个局部的方针,在消息中看作可接受的词);
* 关联的错误类型应该为"modify"
*
* The recipient or server understands the request but is refusing
* to process it because it does not meet criteria defined by the
* recipient or server (e.g., a local policy regarding acceptable
* words in messages); the associated error type SHOULD be "modify".
*/
not_allowed("not-allowed", Type.cancel, 405),
/**
* 收件人或服务器不允许任何实体完成该操作;
* 关联的错误类型应该为"cancel"
*
* The recipient or server does not allow any entity to perform
* the action; the associated error type SHOULD be "cancel".
*/
not_authorized("not-authorized", Type.auth, 401),
/**
* 发送者在被允许执行操作之前 必须提供正确的凭据,或已经提供不正确的凭据;
* 关联的错误类型应该为"auth"
*
* The sender must provide proper credentials before being allowed
* to perform the action, or has provided improper credentials;
* the associated error type SHOULD be "auth".
*/
payment_required("payment-required", Type.auth, 402),
/**
*
* 因为需要支付(认证),请求实体未被授权访问所请求的服务;
*关联的错误类型应该为"auth"
*
* The requesting entity is not authorized to access the requested
* service because payment is required; the associated error type
* SHOULD be "auth".
*/
recipient_unavailable("recipient-unavailable", Type.wait, 404),
/**
* 预期的收件人暂时没空(没在线);
* 关联的错误类型应该为"wait"。
* (注:应用程序不能返回这个错误,如果这样做会提供有关预期的信息收件人的网络
*
* The intended recipient is temporarily unavailable; the associated
* error type SHOULD be "wait" (note: an application MUST NOT return
* this error if doing so would provide information about the intended
* recipient's network availability to an entity that is not authorized
* to know such information).
*/
redirect("redirect", Type.modify, 302),
/**
* 接收者或服务器重定向这个请求另一个实体,
* 通常是暂时的(错误节应该包含备用地址,它必须是有效的JID ,在<redirect/>元素的XML字符数据) ;
* 关联的错误类型应该为"modify"。
*
* The recipient or server is redirecting requests for this
* information to another entity, usually temporarily (the error
* stanza SHOULD contain the alternate address, which MUST be a
* valid JID, in the XML character data of the <redirect/> element);
* the associated error type SHOULD be "modify".
*/
registration_required("registration-required", Type.auth, 407),
/**
* 请求实体未被授权访问所请求的服务,因为需要注册;
* 关联的错误类型应该为"auth"。
*
* The requesting entity is not authorized to access the requested
* service because registration is required; the associated error
* type SHOULD be "auth".
*/
remote_server_not_found("remote-server-not-found", Type.cancel, 404),
/**
* 远程服务器或指定的服务,不存在预定的接收者(的部分或全部的JID);
* 关联的错误类型应该为"cancel"
* A remote server or service specified as part or all of the JID
* of the intended recipient does not exist;
* the associated error type SHOULD be "cancel".
*/
remote_server_timeout("remote-server-timeout", Type.wait, 504),
/**
* 远程服务器或指定的服务,不能在一个适当的时间内联系到预定的接收者的部分或全部的JID(或须履行请求);
* 关联的错误类型应该为"wait"
*
* A remote server or service specified as part or all of the JID of
* the intended recipient (or required to fulfill a request) could not
* be contacted within a reasonable amount of time; the associated
* error type SHOULD be "wait".
*/
resource_constraint("resource-constraint", Type.wait, 500),
/**
* 服务器或接收者缺乏必要的系统资源到请求的服务
* 关联的错误类型应该为"wait"
*
* The server or recipient lacks the system resources necessary to
* service the request; the associated error type SHOULD be "wait".
*/
service_unavailable("service-unavailable", Type.cancel, 503),
/**
* 服务器或接收者目前不提供请求的服务;
* 关联的错误类型应该为"cancel"
*
* The server or recipient does not currently provide the requested
* service; the associated error type SHOULD be "cancel".
*/
subscription_required("subscription-required", Type.auth, 407),
/**
* 因为需要订阅,请求实体未被授权访问所请求的的服务;
* 关联的错误类型应该为"auth"
*
* The requesting entity is not authorized to access the requested
* service because a subscription is required; the associated error
* type SHOULD be "auth".
*/
undefined_condition("undefined-condition", Type.wait, 500),
/**
* 没有定义的条件
*
* The error condition is not one of those defined by the other
* conditions in this list; any error type may be associated with
* this condition, and it SHOULD be used only in conjunction with
* an application-specific condition.<p>
*
* Implementation note: the default type for this condition is
* {@link Type#wait}, which is not specified in the XMPP protocol.
*/
unexpected_request("unexpected-request", Type.wait, 400);
/**
* 没有预料的请求
*
* The recipient or server understood the request but was not
* expecting it at this time (e.g., the request was out of order);
* the associated error type SHOULD be "wait".
*/
修改服务器名后出现错误,
解决办法:
1、登陆openfire管理页面,点击主页面下方“编辑属性”,修改服务器名称为当前主机名称,点击“保存属性”,重启服务器。
2、 重启后,主页的“服务器属性”的‘服务器名称“出现叹号, 这是RSA认证无效造成的,对新的服务器进行RSA证书的配置。
3、选择【服务器设置】菜单,选择左下方【服务器证书】,点击后面的删除按钮将两个证书全部删除。删除后重启服务器。
4、重启后,系统提示“一个或更多的证书丢失。单击 这里 产生自定义签名证书”。点击后,自动生成和新的服务器匹配的RSA证书。
5、 重启服务器。 再次登录,主界面服务器名称的叹号消失,客户端可以正常登陆。