AuthFilter Sanitizer Plugin Readme

Overview

A plugin for the Openfire Real-time communications server that removes entries for Openfire's authentication filter that are susceptible to abuse (CVE-2023-32315).

Installation

Copy the authfiltersanitizer.jar file into the plugins directory of your Openfire installation. The plugin will then be automatically deployed. To upgrade to a new version, copy the new authfiltersanitizer.jar file over the existing file.

Configuration

The plugin can be configured by using these Openfire system properties:

Using the Plugin

After the plugin has been installed, the Openfire authentication filter will be periodically cleaned from entries automatically.