-
Notifications
You must be signed in to change notification settings - Fork 2
/
readme.html
62 lines (54 loc) · 2.17 KB
/
readme.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<title>AuthFilter Sanitizer Plugin Readme</title>
<style type="text/css">
BODY {
font-size : 100%;
}
BODY, TD, TH {
font-family : tahoma, verdana, arial, helvetica, sans-serif;
font-size : 0.8em;
}
H2 {
font-size : 10pt;
font-weight : bold;
}
A:hover {
text-decoration : none;
}
H1 {
font-family : tahoma, arial, helvetica, sans-serif;
font-size : 1.4em;
font-weight: bold;
border-bottom : 1px #ccc solid;
padding-bottom : 2px;
}
TT {
font-family : courier new;
font-weight : bold;
color : #060;
}
PRE {
font-family : courier new;
font-size : 100%;
}
</style>
</head>
<body>
<h1>AuthFilter Sanitizer Plugin Readme</h1>
<h2>Overview</h2>
<p>A plugin for the Openfire Real-time communications server that removes entries for Openfire's authentication filter that are susceptible to abuse (CVE-2023-32315).</p>
<h2>Installation</h2>
<p>Copy the authfiltersanitizer.jar file into the plugins directory of your Openfire installation. The plugin will then be automatically deployed. To upgrade to a new version, copy the new authfiltersanitizer.jar file over the existing file.</p>
<h2>Configuration</h2>
<p>The plugin can be configured by using these Openfire system properties:</p>
<ul>
<li><tt>plugin.authfiltersanitizer.sanitizetask.periodms</tt> (default <tt>10000</tt>) - The time (in milliseconds) between successive runs of the task that removes susceptible entries.</li>
<li><tt>plugin.authfiltersanitizer.sanitizetask.delayms</tt> (default <tt>2000</tt>) - The time (in milliseconds) between a (re)load of this plugin, and the first run of the task that removes susceptible entries.</li>
<li><tt>plugin.authfiltersanitizer.sanitizetask.disableSearch</tt> (default <tt>false</tt>) - Controls if, apart from known, hard-coded susceptible entries, the task will dynamically search for other susceptible entries.</li>
</ul>
<h2>Using the Plugin</h2>
<p>After the plugin has been installed, the Openfire authentication filter will be periodically cleaned from entries automatically.</p>
</body>
</html>