openfire build(2)

InterceptorManager

PluginManager

openfire 插件的中servlet 在web-custom.xml 中的配置 url 一定要小写，访问时不区别大写小 否则404
如：

<servlet><servlet-name>Sample1Servlet</servlet-name><servlet-class>com.myyule.openfire.plugin.Sample1Servlet</servlet-class></servlet><servlet-mapping><servlet-name>Sample1Servlet</servlet-name><url-pattern>/servlet1</url-pattern>　　<!-- 此处一定要小写，访问时大小时无关，否则404　　http://127.0.0.1:9090/plugins/sample/ServLet1 也可以访问成功　　 --></servlet-mapping>

自定用户表：

--设置JDBC连接方式
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcProvider.connectionString','jdbc:oracle:thin:@10.35.246.178:1521:orcl');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcProvider.driver', 'oracle.jdbc.driver.OracleDriver');--设置管理员账号
insert into OFPROPERTY (NAME, PROPVALUE)
values ('admin.authorizedJIDs', 'admin@localhost');--自定义用户认证
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcAuthProvider.useConnectionProvider', 'true');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcAuthProvider.passwordSQL', 'select ''123456'' as pwd fromt_sys_user t where t.code=?');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcAuthProvider.passwordType', 'plain');--自定义用户管理
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcUserProvider.allUsersSQL', 'select code from t_sys_usert');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcUserProvider.nameField', 'name');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcUserProvider.searchSQL', 'select code from t_sys_user twhere code=?');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcUserProvider.useConnectionProvider', 'true');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcUserProvider.emailField', 'email');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcUserProvider.userCountSQL', 'select count(*) fromt_sys_user t');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcUserProvider.loadUserSQL', 'select t.name,t.email,t.codefrom t_sys_user t where t.code=?');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcUserProvider.usernameField', 'code');--使用不同的数据源
update OFPROPERTY setPROPVALUE='org.jivesoftware.openfire.user.JDBCUserProvider'
where NAME='provider.user.className';
update OFPROPERTY setPROPVALUE='org.jivesoftware.openfire.auth.JDBCAuthProvider'
where NAME='provider.auth.className';
commit;

openfire 包错误 的类型与情形

在 org.xmpp.packet.PacketError 类中
Type：可用的类型：
Error.Type. cancel --do not retry (the error is unrecoverable).
不要重试（错误是不可恢复）
Error.Type. continue_processing -- proceed (the condition was only a warning). Equivalent to the XMPP error type "continue".
继续（条件只有一个警告）。这表示存在"continue"错误代码在XMPP中; 因为"continue"在Java中是保留的关键字（enum的名称已被更改）。
Error.Type. modify -- retry after changing the data sent.
更改发送数据后重试。
Eror.Type. auth -- retry after providing credentials.
提供凭据后重试。
Error.Type. wait -- retry after waiting (the error is temporary).等待后重试（错误是暂时的）。Condition
安全
枚举
类型的错误条件：bad_request("bad-request", Type.modify, 400),/*** 发件人发送的XML是不正确格式或不能处理的
*（例如，一个IQ节，其中包括一个无法识别的'type'属性） ;
* 关联的错误类型应该为"modify"。
*
* The sender has sent XML that is malformed or that cannot be processed
* (e.g., an IQ stanza that includes an unrecognized value of the 'type'
* attribute); the associated error type SHOULD be "modify".
*/conflict("conflict", Type.cancel, 409),
/**
* 访问不能被授权，因为一个正存在的资源或会话与原来存在的名称或地址相同;
* 关联的错误类型应该为"cancel" 。
*
* Access cannot be granted because an existing resource or session
* exists with the same name or address; the associated error type
* SHOULD be "cancel".
*/feature_not_implemented("feature-not-implemented", Type.cancel, 501),
/**
* 请求的功能没有被由收件人或服务器实现，因此不能被处理；
* 关联的错误类型应该为"cancel" 。
*
* The feature requested is not implemented by the recipient or
* server and therefore cannot be processed; the associated error
* type SHOULD be "cancel".
*/ forbidden("forbidden", Type.auth, 403),
/**
* 正在请求的实体不具备所需的权限来完成操作;
* 关联的错误类型应该为"auth" 。
*
* The requesting entity does not possess the required permissions to
* perform the action; the associated error type SHOULD be "auth".
*/ gone("gone", Type.modify, 302), /**
* 接受者或服务器不再使用这个地址进行联系（在XML字符数据的<gone/>元素中，这个错误节可以包含一个新的地址） ;
* 关联的错误类型应该为"modify"。
*
* The recipient or server can no longer be contacted at this address
* (the error stanza MAY contain a new address in the XML character
* data of the <gone/> element); the associated error type SHOULD be
* "modify".
*/
internal_server_error("internal-server-error", Type.wait, 500),
/**
* 服务器无法处理节，因为配置错误或其他未定义的内部服务器错误;
* 关联的错误类型应该为"wait"。
*
* The server could not process the stanza because of a misconfiguration
* or an otherwise-undefined internal server error; the associated error
* type SHOULD be "wait".
*/
item_not_found("item-not-found", Type.cancel, 404),
/**
* 无法找到需要的JID地址 或 item（项目）
* 关联的错误类型应该为"cancel"。
*
* The addressed JID or item requested cannot be found; the associated
* error type SHOULD be "cancel".
*/
jid_malformed("jid-malformed", Type.modify, 400),
/**
* 发送实体提供或连接到一个XMPP地址（例如， 'to'属性的值）或由于这方面（例如，资源标识符）
* 在在寻址方案中不遵守的已定义的语法（第3节）
* 关联的错误类型应该为"modify"。
*
* The sending entity has provided or communicated an XMPP address
* (e.g., a value of the 'to' attribute) or aspect thereof (e.g.,
* a resource identifier) that does not adhere to the syntax defined
* in Addressing Scheme (Section 3); the associated error type SHOULD
* be "modify".
*/
not_acceptable("not-acceptable", Type.modify, 406),
/**
* 接收者或服务器不理解该请求，而拒绝处理它，因为它不符合被接收者或服务器定义的标准
* （例如，一个局部的方针，在消息中看作可接受的词）;
* 关联的错误类型应该为"modify"
*
* The recipient or server understands the request but is refusing
* to process it because it does not meet criteria defined by the
* recipient or server (e.g., a local policy regarding acceptable
* words in messages); the associated error type SHOULD be "modify".
*/
not_allowed("not-allowed", Type.cancel, 405),
/**
* 收件人或服务器不允许任何实体完成该操作;
* 关联的错误类型应该为"cancel"
*
* The recipient or server does not allow any entity to perform
* the action; the associated error type SHOULD be "cancel".
*/
not_authorized("not-authorized", Type.auth, 401),
/**
* 发送者在被允许执行操作之前 必须提供正确的凭据，或已经提供不正确的凭据;
* 关联的错误类型应该为"auth"
*
* The sender must provide proper credentials before being allowed
* to perform the action, or has provided improper credentials;
* the associated error type SHOULD be "auth".
*/
payment_required("payment-required", Type.auth, 402),
/**
*
* 因为需要支付（认证），请求实体未被授权访问所请求的服务;
*关联的错误类型应该为"auth"
*
* The requesting entity is not authorized to access the requested
* service because payment is required; the associated error type
* SHOULD be "auth".
*/
recipient_unavailable("recipient-unavailable", Type.wait, 404),
/**
* 预期的收件人暂时没空（没在线）;
* 关联的错误类型应该为"wait"。
* （注：应用程序不能返回这个错误，如果这样做会提供有关预期的信息收件人的网络
*
* The intended recipient is temporarily unavailable; the associated
* error type SHOULD be "wait" (note: an application MUST NOT return
* this error if doing so would provide information about the intended
* recipient's network availability to an entity that is not authorized
* to know such information).
*/
redirect("redirect", Type.modify, 302),
/**
* 接收者或服务器重定向这个请求另一个实体，
* 通常是暂时的（错误节应该包含备用地址，它必须是有效的JID ，在<redirect/>元素的XML字符数据） ;
* 关联的错误类型应该为"modify"。
*
* The recipient or server is redirecting requests for this
* information to another entity, usually temporarily (the error
* stanza SHOULD contain the alternate address, which MUST be a
* valid JID, in the XML character data of the <redirect/> element);
* the associated error type SHOULD be "modify".
*/
registration_required("registration-required", Type.auth, 407),
/**
* 请求实体未被授权访问所请求的服务，因为需要注册;
* 关联的错误类型应该为"auth"。
*
* The requesting entity is not authorized to access the requested
* service because registration is required; the associated error
* type SHOULD be "auth".
*/
remote_server_not_found("remote-server-not-found", Type.cancel, 404),
/**
* 远程服务器或指定的服务，不存在预定的接收者（的部分或全部的JID）;
* 关联的错误类型应该为"cancel"
* A remote server or service specified as part or all of the JID
* of the intended recipient does not exist;
* the associated error type SHOULD be "cancel".
*/
remote_server_timeout("remote-server-timeout", Type.wait, 504),
/**
* 远程服务器或指定的服务，不能在一个适当的时间内联系到预定的接收者的部分或全部的JID（或须履行请求）;
* 关联的错误类型应该为"wait"
*
* A remote server or service specified as part or all of the JID of
* the intended recipient (or required to fulfill a request) could not
* be contacted within a reasonable amount of time; the associated
* error type SHOULD be "wait".
*/
resource_constraint("resource-constraint", Type.wait, 500),
/**
* 服务器或接收者缺乏必要的系统资源到请求的服务
* 关联的错误类型应该为"wait"
*
* The server or recipient lacks the system resources necessary to
* service the request; the associated error type SHOULD be "wait".
*/
service_unavailable("service-unavailable", Type.cancel, 503),
/**
* 服务器或接收者目前不提供请求的服务;
* 关联的错误类型应该为"cancel"
*
* The server or recipient does not currently provide the requested
* service; the associated error type SHOULD be "cancel".
*/
subscription_required("subscription-required", Type.auth, 407),
/**
* 因为需要订阅，请求实体未被授权访问所请求的的服务;
* 关联的错误类型应该为"auth"
*
* The requesting entity is not authorized to access the requested
* service because a subscription is required; the associated error
* type SHOULD be "auth".
*/
undefined_condition("undefined-condition", Type.wait, 500),
/**
* 没有定义的条件
*
* The error condition is not one of those defined by the other
* conditions in this list; any error type may be associated with
* this condition, and it SHOULD be used only in conjunction with
* an application-specific condition.<p>
*
* Implementation note: the default type for this condition is
* {@link Type#wait}, which is not specified in the XMPP protocol.
*/ unexpected_request("unexpected-request", Type.wait, 400); /**
* 没有预料的请求
*
* The recipient or server understood the request but was not
* expecting it at this time (e.g., the request was out of order);
* the associated error type SHOULD be "wait".
*/修改服务器名后出现错误，解决办法：1、登陆openfire管理页面，点击主页面下方“编辑属性”，修改服务器名称为当前主机名称，点击“保存属性”，重启服务器。
2、 重启后，主页的“服务器属性”的‘服务器名称“出现叹号， 这是RSA认证无效造成的，对新的服务器进行RSA证书的配置。
3、选择【服务器设置】菜单，选择左下方【服务器证书】，点击后面的删除按钮将两个证书全部删除。删除后重启服务器。
4、重启后，系统提示“一个或更多的证书丢失。单击 这里 产生自定义签名证书”。点击后，自动生成和新的服务器匹配的RSA证书。
5、 重启服务器。 再次登录，主界面服务器名称的叹号消失，客户端可以正常登陆。