We Keep Coding

I can not activate a new user with the url in mail. Page not found

When I register a new user :
- I receive a mail with activation link to activate this new user
- I tested in localhost and it works
- Deploy on production
- I tested and the link in production but it didn't find page
I updated my application-prod.yml application-dev.yml to receive the mails.
I changed my app.yml to remove the port 8080 in production with :
ports:
- 80:8080
My app.yml :
version: '2'
services:
mariage-app:
image: mylogin/mariage
environment:
- _JAVA_OPTIONS=-Xmx512m -Xms256m
- SPRING_PROFILES_ACTIVE=prod,swagger
- SPRING_DATASOURCE_URL=jdbc:mysql://mariage-mysql:3306/mariage?useUnicode=true&characterEncoding=utf8&useSSL=false
- JHIPSTER_SLEEP=10 # gives time for the database to boot before the application
ports:
- 80:8080
mariage-mysql:
extends:
file: mysql.yml
service: mariage-mysql
´´´
My application-prod.yml
´´´
# ===================================================================
# Spring Boot configuration for the "prod" profile.
#
# This configuration overrides the application.yml file.
#
# More information on profiles: https://www.jhipster.tech/profiles/
# More information on configuration properties: https://www.jhipster.tech/common-application-properties/
# ===================================================================
# ===================================================================
# Standard Spring Boot properties.
# Full reference is available at:
# http://docs.spring.io/spring-boot/docs/current/reference/html/common-application-properties.html
# ===================================================================
logging:
level:
ROOT: INFO
ch.ricreate.mariage: INFO
io.github.jhipster: INFO
spring:
devtools:
restart:
enabled: false
livereload:
enabled: false
datasource:
type: com.zaxxer.hikari.HikariDataSource
url: jdbc:mysql://localhost:3306/mariage?useUnicode=true&characterEncoding=utf8&useSSL=false&useLegacyDatetimeCode=false&serverTimezone=UTC
username: username
password: password
hikari:
poolName: Hikari
auto-commit: false
data-source-properties:
cachePrepStmts: true
prepStmtCacheSize: 250
prepStmtCacheSqlLimit: 2048
useServerPrepStmts: true
jpa:
database-platform: org.hibernate.dialect.MySQL5InnoDBDialect
database: MYSQL
show-sql: false
properties:
hibernate.id.new_generator_mappings: true
hibernate.connection.provider_disables_autocommit: true
hibernate.cache.use_second_level_cache: true
hibernate.cache.use_query_cache: false
hibernate.generate_statistics: true
hibernate.cache.region.factory_class: com.hazelcast.hibernate.HazelcastCacheRegionFactory
hibernate.cache.hazelcast.instance_name: mariage
hibernate.cache.use_minimal_puts: true
hibernate.cache.hazelcast.use_lite_member: true
liquibase:
contexts: prod
mail:
host: smtp.mymail.ch
port: 587
username: mymail#mymail.ch
password: password
tls: true
properties.mail.smtp:
auth: true
starttls.enable: true
ssl.trust: smtp.mymail.ch
thymeleaf:
cache: true
# ===================================================================
# To enable TLS in production, generate a certificate using:
# keytool -genkey -alias mariage -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore keystore.p12 -validity 3650
#
# You can also use Let's Encrypt:
# https://maximilian-boehm.com/hp2121/Create-a-Java-Keystore-JKS-from-Let-s-Encrypt-Certificates.htm
#
# Then, modify the server.ssl properties so your "server" configuration looks like:
#
# server:
# port: 443
# ssl:
# key-store: classpath:config/tls/keystore.p12
# key-store-password: password
# key-store-type: PKCS12
# key-alias: mariage
# # The ciphers suite enforce the security by deactivating some old and deprecated SSL cipher, this list was tested against SSL Labs (https://www.ssllabs.com/ssltest/)
# ciphers: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 ,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 ,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
# ===================================================================
server:
port: 8080
compression:
enabled: true
mime-types: text/html,text/xml,text/plain,text/css, application/javascript, application/json
min-response-size: 1024
# ===================================================================
# JHipster specific properties
#
# Full reference is available at: https://www.jhipster.tech/common-application-properties/
# ===================================================================
jhipster:
http:
version: V_1_1 # To use HTTP/2 you will need SSL support (see above the "server.ssl" configuration)
cache: # Used by the CachingHttpHeadersFilter
timeToLiveInDays: 1461
cache: # Cache configuration
hazelcast: # Hazelcast distributed cache
time-to-live-seconds: 3600
backup-count: 1
management-center: # Full reference is available at: http://docs.hazelcast.org/docs/management-center/3.9/manual/html/Deploying_and_Starting.html
enabled: false
update-interval: 3
url:
security:
authentication:
jwt:
# This token must be encoded using Base64 and be at least 256 bits long (you can type `openssl rand -base64 64` on your command line to generate a 512 bits one)
# As this is the PRODUCTION configuration, you MUST change the default key, and store it securely:
# - In the JHipster Registry (which includes a Spring Cloud Config server)
# - In a separate `application-prod.yml` file, in the same folder as your executable WAR file
# - In the `JHIPSTER_SECURITY_AUTHENTICATION_JWT_BASE64_SECRET` environment variable
base64-secret: MY BASE 64 KEY...
# Token is valid 24 hours
token-validity-in-seconds: 86400
token-validity-in-seconds-for-remember-me: 2592000
mail: # specific JHipster mail property, for standard properties see MailProperties
from: mymail#mymail
base-url: http://www.mydomain.ch
metrics:
logs: # Reports metrics in the logs
enabled: false
report-frequency: 60 # in seconds
logging:
logstash: # Forward logs to logstash over a socket, used by LoggingConfiguration
enabled: false
host: localhost
port: 5000
queue-size: 512
# ===================================================================
# Application specific properties
# Add your own application properties here, see the ApplicationProperties class
# to have type-safe configuration, like in the JHipsterProperties above
#
# More documentation is available at:
# https://www.jhipster.tech/common-application-properties/
# ===================================================================
# application:
I have this error messages :
3www.mydomain.ch/:13 GET http://www.mydomain.ch/main.3f34c02a7b8ec7cd9bd5.js net::ERR_ABORTED 404 (Not Found)
(index):1 Refused to apply style from 'http://www.mydomain.ch/styles.676f69d3635eaaafa540.css' because its MIME type ('application/json') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
2www.mydomain.ch/:13 GET http://www.mydomain.ch/polyfills.9d3a8743be9f041e6ba8.js net::ERR_ABORTED 404 (Not Found)

Did you change the template templates/mail/activationEmail.html ?

Ejabberd: Failed to start BOSH session when connecting from client

Today I upgraded a server from Ubuntu 16.04 to 18.04, this also included a jump from ejabberd 16.01 to 18.01. Now we got a problem connecting from the client (using strophe.js)
[info] <0.359.0>#ejabberd_listener:accept:302 (<0.876.0>) Accepted connection 127.0.0.1:60552 -> 127.0.0.1:8088
[error] <0.876.0>#ejabberd_bosh:start:133 Failed to start BOSH session: {error,{noproc,{gen_server,call,[ejabberd_c2s_sup,{start_child,[{xmpp_socket,{socket_state,ejabberd_bosh,{http_bind,<0.877.0>,{{9x,1xx,2xx,1xx},60552}},infinity,undefined,none,<0.877.0>}},[{receiver,<0.877.0>},{xml_socket,true}]]},infinity]}}}
[error] <0.877.0>#gen_server:call CRASH REPORT Process <0.877.0> with 0 neighbours exited with reason: no such process or port in call to gen_server:call(ejabberd_c2s_sup, {start_child,[{xmpp_socket,{socket_state,ejabberd_bosh,{http_bind,<0.877.0>,{{9x,1xx,2xx,1xx},60552}},...}},...]}, infinity) in p1_fsm:init_it/6 line 392
[error] <0.617.0>#gen_server:call Supervisor 'mod_bosh_chat3.myserver.com' had child undefined started with {ejabberd_bosh,start_link,undefined} at <0.877.0> exit with reason no such process or port in call to gen_server:call(ejabberd_c2s_sup, {start_child,[{xmpp_socket,{socket_state,ejabberd_bosh,{http_bind,<0.877.0>,{{9x,1xx,2xx,1xx},60552}},...}},...]}, infinity) in context child_terminated
I am aware that mod_http_bind is replaced by mod_bosh. Clients connect through apache proxy from port 80 to 8088. Requesting :80/http-bind/ will therefore be passed to :8088/bosh/
I also wiped the mnesia database completely, after the upgrade to make sure it was not corrupt or deprecated.
According to this question, I also checked that curl is enabled.
At loglevel debug, the mod_bosh module seems to be started:
[debug] <0.329.0>#gen_mod:start_module:193 loading mod_bosh at jabber.myserver.com
[debug] <0.329.0>#gen_mod:start_module:193 loading mod_push at jabber.myserver.com
[debug] <0.600.0> Supervisor ejabberd_gen_mod_sup started ejabberd_tmp_sup:start_link('mod_bosh_jabber.myserver.com', ejabberd_bosh) at pid <0.651.0>
This is my complete config:
loglevel: 5
log_rotate_size: 0
log_rotate_date: ""
log_rate_limit: 100
hosts:
- "localhost"
- "jabber.myserver.com"
- "chat3.myserver.com"
- "test-chat3.myserver.com"
define_macro:
'TLS_CIPHERS': "HIGH:!aNULL:!eNULL:!3DES:#STRENGTH"
'TLS_OPTIONS':
- "no_sslv3"
- "no_tlsv1"
- "cipher_server_preference"
- "no_compression"
c2s_ciphers: 'TLS_CIPHERS'
s2s_ciphers: 'TLS_CIPHERS'
c2s_protocol_options: 'TLS_OPTIONS'
s2s_protocol_options: 'TLS_OPTIONS'
listen:
-
port: 8088
ip: "127.0.0.1"
module: ejabberd_http
request_handlers:
"/bosh": mod_bosh
web_admin: true
tls: false
disable_sasl_mechanisms: "digest-md5"
s2s_use_starttls: false
auth_password_format: plain
auth_method: sql
sql_type: mysql
sql_server: "10.0.0.51"
sql_database: "databasename"
sql_username: "username"
sql_password: "secret-as-hell"
shaper:
normal: 1000
fast: 50000
max_fsm_queue: 10000
acl:
admin:
user:
- "": "localhost"
- "admin": "test-chat3.myserver.com"
- "admin": "chat3.myserver.com"
local:
user_regexp: ""
loopback:
ip:
- "127.0.0.0/8"
shaper_rules:
max_user_sessions: 10
max_user_offline_messages:
- 5000: admin
- 100
c2s_shaper:
- none: admin
- normal
s2s_shaper: fast
access_rules:
local:
- allow: local
c2s:
- deny: blocked
- allow
announce:
- allow: admin
configure:
- allow: admin
muc_create:
- allow: local
pubsub_createnode:
- allow: local
register:
- allow
trusted_network:
- allow: loopback
api_permissions:
"console commands":
from:
- ejabberd_ctl
who: all
what: "*"
"admin access":
who:
- access:
- allow:
- acl: loopback
- acl: admin
- oauth:
- scope: "ejabberd:admin"
- access:
- allow:
- acl: loopback
- acl: admin
what:
- "*"
- "!stop"
- "!start"
"public commands":
who:
- ip: "127.0.0.1/8"
what:
- "status"
- "connected_users_number"
language: "en"
acme:
contact: "mailto:example-admin#example.com"
ca_url: "https://acme-v01.api.letsencrypt.org"
modules:
mod_adhoc: {}
mod_admin_extra: {}
mod_announce: # recommends mod_adhoc
access: announce
mod_blocking: {} # requires mod_privacy
mod_caps: {}
mod_carboncopy: {}
mod_client_state: {}
mod_configure: {} # requires mod_adhoc
mod_disco: {}
mod_echo: {}
mod_irc: {}
mod_bosh: {}
mod_last: {}
mod_muc:
access:
- allow
access_admin:
- allow: admin
access_create: muc_create
access_persistent: muc_create
mod_muc_admin: {}
mod_offline:
access_max_user_messages: max_user_offline_messages
mod_ping: {}
mod_privacy: {}
mod_private: {}
mod_pubsub:
access_createnode: pubsub_createnode
ignore_pep_from_offline: true
last_item_cache: false
plugins:
- "flat"
- "hometree"
- "pep" # pep requires mod_caps
mod_push: {}
mod_push_keepalive: {}
mod_roster:
versioning: true
mod_shared_roster: {}
mod_stats: {}
mod_time: {}
mod_vcard:
search: false
mod_vcard_xupdate: {}
mod_version: {}
mod_stream_mgmt:
resend_on_timeout: if_offline
mod_s2s_dialback: {}
mod_http_api: {}
allow_contrib_modules: true
Any hints is greatly appreciated :-)

The problem in your configuration seems that you removed ejabberd_c2s listener. It is needed, and you can see it mentioned in the error message. So, the problem is solved by adding it, at least in my case, for example:
listen:
-
port: 5222
module: ejabberd_c2s
-
port: 8088
ip: "127.0.0.1"
module: ejabberd_http
request_handlers:
"/bosh": mod_bosh
web_admin: true
tls: false
Such a requirement is not mentioned in the ejabberd documentation, so I've added it now.

UPDATE: Forget everything below. Please see the answer from Badlop
Did a complete reinstall of ejabberd:
apt-get --purge autoremove ejabberd
(make sure /etc/ejabberd is empty)
apt-get update
apt-get upgrade
apt-get install ejabberd
Here the relevant parts of ejabberd.yml. I didn't change anything else:
hosts:
- "localhost"
- "chat3.myserver.com" <- the public domain
listen:
-
port: 5222
...
-
port: 5269
...
-
##port: 5280
port: 8088 <- use any port you like
ip: "127.0.0.1" <- listen only on localhost
module: ejabberd_http
request_handlers:
"/ws": ejabberd_http_ws
"/bosh": mod_bosh
"/api": mod_http_api
## "/pub/archive": mod_http_fileserver
web_admin: true
## register: true
## captcha: true
tls: false <- no need for tls on localhost
protocol_options: 'TLS_OPTIONS'
auth_method: sql
sql_type: mysql
sql_server: "server"
sql_database: "ejabberd_live"
sql_username: "ejabberd"
sql_password: "secret"
acl:
admin:
user:
- "": "localhost"
- "admin": "chat3.myserver.com"
And just if you are wondering about my proxy configuration in apache. These are the relevant lines of my chat3.myserver.com virtual host:
ProxyPass /http-bind/ http://127.0.0.1:8088/bosh
ProxyPassReverse /http-bind/ http://127.0.0.1:8088/bosh
ProxyPass /admin/ http://127.0.0.1:8088/admin/
ProxyPassReverse /admin/ http://127.0.0.1:8088/admin/
You will of cause also need to get the mysql database schema from here ... and so on...
I have no idea what caused the connection error. I guess the upgrade of ejabberd was somehow faulty. At least I am pretty sure that this was not a known bug. I crawled the internet for 4 hours without finding anything like it with this version of ejabberd (18.01). And also the error message - even under loglevel 5 - was extremely vague. If this had been a configuration error, I am sure the error messages would have been a lot more specific.

ejabberd how to get admin link active?

(this is not a local machine problem nor local server)
I'm not able to connect admin on my domain and server ip too
mydomain.com:5280/admin/
on ssh terminal i started ejabberd , status is:
The node 'ejabberd#mydomain.com' is started with status: started
ejabberd 15.11 is running in that node
why im not able to connect it on domain and server ip? is there any way to check on which link i can open admin?
I installed it on ubuntu server, ejabberd.yml file is
###
###' ejabberd configuration file
###
###
### The parameters used in this configuration file are explained in more detail
### in the ejabberd Installation and Operation Guide.
### Please consult the Guide in case of doubts, it is included with
### your copy of ejabberd, and is also available online at
### http://www.process-one.net/en/ejabberd/docs/
### The configuration file is written in YAML.
### Refer to http://en.wikipedia.org/wiki/YAML for the brief description.
### However, ejabberd treats different literals as different types:
###
### - unquoted or single-quoted strings. They are called "atoms".
### Example: dog, 'Jupiter', '3.14159', YELLOW
###
### - numeric literals. Example: 3, -45.0, .0
###
### - quoted or folded strings.
### Examples of quoted string: "Lizzard", "orange".
### Example of folded string:
### > Art thou not Romeo,
### and a Montague?
###. =======
###' LOGGING
##
## loglevel: Verbosity of log files generated by ejabberd.
## 0: No ejabberd log at all (not recommended)
## 1: Critical
## 2: Error
## 3: Warning
## 4: Info
## 5: Debug
## loglevel: 4
##
## rotation: Describe how to rotate logs. Either size and/or date can trigger
## log rotation. Setting count to N keeps N rotated logs. Setting count to 0
## does not disable rotation, it instead rotates the file and keeps no previous
## versions around. Setting size to X rotate log when it reaches X bytes.
## To disable rotation set the size to 0 and the date to ""
## Date syntax is taken from the syntax newsyslog uses in newsyslog.conf.
## Some examples:
## $D0 rotate every night at midnight
## $D23 rotate every day at 23:00 hr
## $W0D23 rotate every week on Sunday at 23:00 hr
## $W5D16 rotate every week on Friday at 16:00 hr
## $M1D0 rotate on the first day of every month at midnight
## $M5D6 rotate on every 5th day of the month at 6:00 hr
## log_rotate_size: 10485760 log_rotate_date: "" log_rotate_count: 1
##
## overload protection: If you want to limit the number of messages per second
## allowed from error_logger, which is a good idea if you want to avoid a flood
## of messages when system is overloaded, you can set a limit.
## 100 is ejabberd's default. log_rate_limit: 100
##
## watchdog_admins: Only useful for developers: if an ejabberd process
## consumes a lot of memory, send live notifications to these XMPP
## accounts.
##
## watchdog_admins:
## - "admin#mydomain.com"
###. ===============
###' NODE PARAMETERS
##
## net_ticktime: Specifies net_kernel tick time in seconds. This options must have
## identical value on all nodes, and in most cases shouldn't be changed at all from
## default value.
##
## net_ticktime: 60
###. ================
###' SERVED HOSTNAMES
##
## hosts: Domains served by ejabberd.
## You can define one or several, for example:
## hosts:
## - "example.net"
## - "example.com"
## - "example.org"
## hosts:
- "mydomain.com" # server domain
- "192.168.1.1" # my server ip address
##
## route_subdomains: Delegate subdomains to other XMPP servers.
## For example, if this ejabberd serves example.org and you want
## to allow communication with an XMPP server called im.example.org.
##
## route_subdomains: s2s
###. ===============
###' LISTENING PORTS
##
## listen: The ports ejabberd will listen on, which service each is handled
## by and what options to start it with.
## listen:
-
port: 5222
module: ejabberd_c2s
certfile: "/home/jack/ejabberd/conf/server.pem"
starttls: true
## To enforce TLS encryption for client connections,
## use this instead of the "starttls" option:
## starttls_required: true
##
## Custom OpenSSL options
##
protocol_options:
- "no_sslv3"
## - "no_tlsv1"
max_stanza_size: 65536
shaper: c2s_shaper
access: c2s
-
port: 5269
module: ejabberd_s2s_in
max_stanza_size: 131072
shaper: s2s_shaper ## ## ejabberd_service: Interact with external components (transports, ...) ## ## - ## port: 8888
## module: ejabberd_service ## access: all ## shaper_rule: fast ## ip: "127.0.0.1" ## hosts: ## "icq.example.org":
## password: "secret" ## "sms.example.org": ## password: "secret"
## ## ejabberd_stun: Handles STUN Binding requests ## ## -
## port: 3478 ## transport: udp ## module: ejabberd_stun
## ## To handle XML-RPC requests that provide admin credentials:
## ## - ## port: 4560 ## module: ejabberd_xmlrpc ## maxsessions: 10 ## timeout: 5000 ## access_commands: ##
xmlrpc: ## commands: all ## options: []
-
port: 5280
module: ejabberd_http
request_handlers:
"/websocket": ejabberd_http_ws
"/bosh": mod_bosh
"/oauth": ejabberd_oauth
"/api": mod_http_api
## "/pub/archive": mod_http_fileserver
web_admin: true
http_bind: true
register: true
captcha: false
###. ==================
###' S2S GLOBAL OPTIONS
##
## s2s_use_starttls: Enable STARTTLS + Dialback for S2S connections.
## Allowed values are: false optional required required_trusted
## You must specify a certificate file.
##
## s2s_use_starttls: optional
##
## s2s_certfile: Specify a certificate file.
##
## s2s_certfile: "/home/jack/ejabberd/conf/server.pem"
## Custom OpenSSL options
##
## s2s_protocol_options:
## - "no_sslv3"
## - "no_tlsv1"
##
## domain_certfile: Specify a different certificate for each served hostname.
##
## host_config:
## "example.org":
## domain_certfile: "/home/jack/ejabberd/conf/example_org.pem"
## "example.com":
## domain_certfile: "/home/jack/ejabberd/conf/example_com.pem"
##
## S2S whitelist or blacklist
##
## Default s2s policy for undefined hosts.
##
## s2s_access: s2s
##
## Outgoing S2S options
##
## Preferred address families (which to try first) and connect timeout
## in milliseconds.
##
## outgoing_s2s_families:
## - ipv4
## - ipv6
## outgoing_s2s_timeout: 10000
###. ==============
###' AUTHENTICATION
##
## auth_method: Method used to authenticate the users.
## The default method is the internal.
## If you want to use a different method,
## comment this line and enable the correct ones.
## auth_method: internal
##
## Store the plain passwords or hashed for SCRAM:
## auth_password_format: plain
## auth_password_format: scram
##
## Define the FQDN if ejabberd doesn't detect it:
## fqdn: "server3.example.com"
##
## Authentication using external script
## Make sure the script is executable by ejabberd.
##
## auth_method: external
## extauth_program: "/path/to/authentication/script"
##
## Authentication using ODBC
## Remember to setup a database in the next section.
##
## auth_method: odbc
##
## Authentication using PAM
##
## auth_method: pam
## pam_service: "pamservicename"
##
## Authentication using LDAP
##
## auth_method: ldap
##
## List of LDAP servers:
## ldap_servers:
## - "localhost"
##
## Encryption of connection to LDAP servers:
## ldap_encrypt: none
## ldap_encrypt: tls
##
## Port to connect to on LDAP servers:
## ldap_port: 389
## ldap_port: 636
##
## LDAP manager:
## ldap_rootdn: "dc=example,dc=com"
##
## Password of LDAP manager:
## ldap_password: "******"
##
## Search base of LDAP directory:
## ldap_base: "dc=example,dc=com"
##
## LDAP attribute that holds user ID:
## ldap_uids:
## - "mail": "%u#mail.example.org"
##
## LDAP filter:
## ldap_filter: "(objectClass=shadowAccount)"
##
## Anonymous login support:
## auth_method: anonymous
## anonymous_protocol: sasl_anon | login_anon | both
## allow_multiple_connections: true | false
##
## host_config:
## "public.example.org":
## auth_method: anonymous
## allow_multiple_connections: false
## anonymous_protocol: sasl_anon
##
## To use both anonymous and internal authentication:
##
## host_config:
## "public.example.org":
## auth_method:
## - internal
## - anonymous
###. ==============
###' DATABASE SETUP
## ejabberd by default uses the internal Mnesia database,
## so you do not necessarily need this section.
## This section provides configuration examples in case
## you want to use other database backends.
## Please consult the ejabberd Guide for details on database creation.
##
## MySQL server:
##
## odbc_type: mysql
## odbc_server: "server"
## odbc_database: "database"
## odbc_username: "username"
## odbc_password: "password"
##
## If you want to specify the port:
## odbc_port: 1234
##
## PostgreSQL server:
##
## odbc_type: pgsql
## odbc_server: "server"
## odbc_database: "database"
## odbc_username: "username"
## odbc_password: "password"
##
## If you want to specify the port:
## odbc_port: 1234
##
## If you use PostgreSQL, have a large database, and need a
## faster but inexact replacement for "select count(*) from users"
##
## pgsql_users_number_estimate: true
##
## SQLite:
##
## odbc_type: sqlite
## odbc_database: "/home/jack/ejabberd/database/ejabberd.db"
##
## ODBC compatible or MSSQL server:
##
## odbc_type: odbc
## odbc_server: "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"
##
## Number of connections to open to the database for each virtual host
##
## odbc_pool_size: 10
##
## Interval to make a dummy SQL request to keep the connections to the
## database alive. Specify in seconds: for example 28800 means 8 hours
##
## odbc_keepalive_interval: undefined
###. ===============
###' TRAFFIC SHAPERS
shaper: ## ## The "normal" shaper limits traffic speed to 1000 B/s
## normal: 1000
## ## The "fast" shaper limits traffic speed to 50000 B/s ##
fast: 50000
##
## This option specifies the maximum number of elements in the queue
## of the FSM. Refer to the documentation for details.
## max_fsm_queue: 1000
###. ====================
###' ACCESS CONTROL LISTS acl: ## ## The 'admin' ACL grants administrative privileges to XMPP accounts. ## You can put here as
many accounts as you want. ## admin:
user:
- "admin": "mydomain.com"
## ## Blocked users ## ## blocked: ## user: ## -
"baduser": "example.org" ## - "test"
## Local users: don't modify this. ## local:
user_regexp: ""
## ## More examples of ACLs ## ## jabberorg: ## server:
## - "jabber.org" ## aleksey: ## user: ## - "aleksey": "jabber.ru" ## test: ## user_regexp: "^test" ## user_glob:
"test*"
## ## Loopback network ## loopback:
ip:
- "192.168.1.1" #added server ip address
- "::1/128"
- "::FFFF:127.0.0.1/128" ## ## Bad XMPP servers ## ## bad_servers: ## server: ## - "xmpp.zombie.org" ## -
"xmpp.spam.com"
##
## Define specific ACLs in a virtual host.
##
## host_config:
## "localhost":
## acl:
## admin:
## user:
## - "bob-local": "localhost"
###. ============
###' ACCESS RULES access_rules: ## Maximum number of simultaneous sessions allowed for a single user: max_user_sessions:
all: 10 ## Maximum number of offline messages that users can have: max_user_offline_messages:
admin: 5000
all: 100 ## This rule allows access only for local users: local:
local: allow ## Only non-blocked users can use c2s connections: c2s:
blocked: deny
all: allow ## For C2S connections, all users except admins use the "normal" shaper c2s_shaper:
admin: none
all: normal ## All S2S connections use the "fast" shaper s2s_shaper:
all: fast ## Only admins can send announcement messages: announce:
admin: allow ## Only admins can use the configuration interface: configure:
admin: allow ## Admins of this server are also admins of the MUC service: muc_admin:
admin: allow ## Only accounts of the local ejabberd server can create rooms: muc_create:
local: allow ## All users are allowed to use the MUC service: muc:
all: allow ## Only accounts on the local ejabberd server can create Pubsub nodes: pubsub_createnode:
local: allow ## In-band registration allows registration of any possible username. ## To disable in-band registration, replace
'allow' with 'deny'. register:
all: allow ## Only allow to register from localhost trusted_network:
loopback: allow ## Do not establish S2S connections with bad servers ## s2s: ## bad_servers: deny ## all: allow
## By default the frequency of account registrations from the same IP
## is limited to 1 account every 10 minutes. To disable, specify: infinity registration_timeout: infinity
##
## Define specific Access Rules in a virtual host.
##
## host_config:
## "localhost":
## access:
## c2s:
## admin: allow
## all: deny
## register:
## all: deny
###. ================
###' DEFAULT LANGUAGE
##
## language: Default language used for server messages.
## language: "en"
##
## Set a different default language in a virtual host.
##
## host_config:
## "localhost":
## language: "ru"
###. =======
###' CAPTCHA
##
## Full path to a script that generates the image.
##
## captcha_cmd: "/home/jack/ejabberd/lib/ejabberd-15.11/priv/bin/captcha.sh"
##
## Host for the URL and port where ejabberd listens for CAPTCHA requests.
##
## captcha_host: "example.org:5280"
##
## Limit CAPTCHA calls per minute for JID/IP to avoid DoS.
##
## captcha_limit: 5
###. =======
###' MODULES
##
## Modules enabled in all ejabberd virtual hosts.
## modules: mod_adhoc: {} mod_admin_extra: {} mod_announce: # recommends mod_adhoc
access: announce mod_blocking: {} # requires mod_privacy mod_caps: {} mod_carboncopy: {} mod_client_state: {}
mod_configure: {} # requires mod_adhoc mod_disco: {} ## mod_echo:
{} ## mod_irc: {} mod_http_bind: {} ## mod_http_fileserver: ##
docroot: "/var/www" ## accesslog:
"/home/jack/ejabberd/logs/access.log" mod_last: {} mod_muc:
## host: "conference.#HOST#"
access: muc
access_create: muc_create
access_persistent: muc_create
access_admin: muc_admin mod_muc_admin: {} ## mod_muc_log: {} ## mod_multicast: {} mod_offline:
access_max_user_messages: max_user_offline_messages mod_ping: {} ## mod_pres_counter: ## count: 5 ## interval: 60 mod_privacy: {} mod_private: {} ## mod_proxy65: {} mod_pubsub:
access_createnode: pubsub_createnode
## reduces resource comsumption, but XEP incompliant
ignore_pep_from_offline: true
## XEP compliant, but increases resource comsumption
## ignore_pep_from_offline: false
last_item_cache: false
plugins:
- "flat"
- "hometree"
- "pep" # pep requires mod_caps mod_register:
##
## Protect In-Band account registrations with CAPTCHA.
##
## captcha_protected: true
##
## Set the minimum informational entropy for passwords.
##
## password_strength: 32
##
## After successful registration, the user receives
## a message with this subject and body.
##
welcome_message:
subject: "Welcome!"
body: |-
Hi.
Welcome to this XMPP server.
##
## When a user registers, send a notification to
## these XMPP accounts.
##
## registration_watchers:
## - "admin1#example.org"
##
## Only clients in the server machine can register accounts
##
## ip_access: trusted_network
##
## Local c2s or remote s2s users cannot register accounts
##
## access_from: deny
access_from: register mod_roster: {} mod_shared_roster: {} ## mod_stats: {} ## mod_time: {} mod_vcard: {} mod_version: {}
##
## Enable modules with custom options in a specific virtual host
##
## host_config:
## "localhost":
## modules:
## mod_echo:
## host: "mirror.localhost"
##
## Enable modules management via ejabberdctl for installation and
## uninstallation of public/private contributed modules
## (enabled by default)
##
allow_contrib_modules: true
###.
###'
### Local Variables:
### mode: yaml
### End:
### vim: set filetype=yaml tabstop=8 foldmarker=###',###. foldmethod=marker:

After trying lot on virtual server , i got to know from server providers they cant open outbound ip for 5280 , 5222 which require to run mydomain.com:5280/admin web admin interface. and its not open for users.
Inbound ip is open for us , so the reason im able to access it by ssh. and on ssh terminal i started ejabberd.
Solution : server must need to open inbound and outbound ports. i updated my server and able to open ports on server. which works then.

ejabberd doesn't store roster persistently

I'm running ejabberd in Kubernetes using the following image: https://hub.docker.com/r/jprjr/ejabberd/
I've tried to test persistency by removing an account from Pidgin and adding it again. Pidgin does not load the previously added roster.
I tried Mnesia and Postgres. The Postgres database seems to be untouched by ejabberd but I don't get any erros in the logs either.
Any ideas, what could cause this behavior?
My configuration:
hosts: ["example.com"]
loglevel: 4
hide_sensitive_log_data: true
listen:
- port: 5222
module: ejabberd_c2s
access: c2s
shaper: c2s_shaper
zlib: true
starttls_required: true
starttls: true
certfile: "/etc/ejabberd/ejabberd.pem"
- port: 5269
module: ejabberd_s2s_in
shaper: s2s_shaper
max_stanza_size: 65536
s2s_use_starttls: true
s2s_certfile: "/etc/ejabberd/ejabberd.pem"
transport: tcp
auth_method: [ldap]
ldap_servers: ["ldap.example.com"]
ldap_port: 389
ldap_rootdn: "CN=ejabberd,OU=ServiceAccounts,DC=example,DC=com"
ldap_password: "*********"
ldap_base: "OU=User,DC=example,DC=com"
ldap_uids:
- "sAMAccountName": "%u"
ldap_filter: "(&(objectClass=user)(memberof=CN=ejabberdUsers,CN=Users,DC=example,DC=com))"
# tried with and w/o
# default_db: odbc
# sm_db_type: odbc
# odbc_type: pgsql
# odbc_server: "db.example.com"
# odbc_password: "********"
# odbc_port: 10051
shaper:
normal: 1000
fast: 50000
acl:
admin:
user:
"admin1": "example.com"
"admin2": "example.com"
access:
local:
local: allow
c2s:
blocked: deny
all: allow

ejabberd store roster persistently.
you need to enable mod_roster in ejabberd configuration file and database setting what you want for example
mod_roster:
db_type: odbc
it seems you are missing configuration for more detail of configuration check these links.
https://github.com/processone/ejabberd/blob/master/test/ejabberd_SUITE_data/ejabberd.yml
https://www.process-one.net/docs/ejabberd/guide_en.html

Exception in create user on ejabberd using Smack

I have a client code on server which create user on ejabberd using admin login following is my code for creating user
public Response registerNewUser(NewUserInfo info){
logger.info("start : registerNewUser");
ConnectionConfiguration conf = new ConnectionConfiguration("IISD43", 5222);
con.connect();
con.login("admin","admin");
XMPPConnection con = new XMPPConnection(conf);
AccountManager accountManger = con.getAccountManager();
try {
System.out.println(accountManger.supportsAccountCreation());
accountManger.createAccount(info.getPhoneNumber(), "test"+info.getPhoneNumber());
return new Response(200,"User Registered");
} catch (XMPPException e) {
e.printStackTrace();
logger.error("failed to create new user for userInfo "+info.getPhoneNumber()+" "+e);
return new Response(400, "User Not Registered");
}catch(Exception e){
e.printStackTrace();
return new Response(400, "User Not Registered");
}finally{
logger.info("end : registerNewUser");
}
}
the SYSO prints True
Error :
forbidden(403)
at org.jivesoftware.smack.AccountManager.createAccount(AccountManager.java:240)
at com.notificationprocessor.impl.XMPPRequestManger.registerNewUser(XMPPRequestManger.java:52)
at com.notificationprocessor.controller.RequestManager.createNotificationClient(RequestManager.java:34)
My ejabbered is on Windows machine it yml file is
as follows
###
### ejabberd configuration file
###
###
### The parameters used in this configuration file are explained in more detail
### in the ejabberd Installation and Operation Guide.
### Please consult the Guide in case of doubts, it is included with
### your copy of ejabberd, and is also available online at
### http://www.process-one.net/en/ejabberd/docs/
### The configuration file is written in YAML.
### Refer to http://en.wikipedia.org/wiki/YAML for the brief description.
### However, ejabberd treats different literals as different types:
###
### - unquoted or single-quoted strings. They are called "atoms".
### Example: dog, 'Jupiter', '3.14159', YELLOW
###
### - numeric literals. Example: 3, -45.0, .0
###
### - quoted or folded strings.
### Examples of quoted string: "Lizzard", "orange".
### Example of folded string:
### > Art thou not Romeo,
### and a Montague?
### =======
### LOGGING
##
## loglevel: Verbosity of log files generated by ejabberd.
## 0: No ejabberd log at all (not recommended)
## 1: Critical
## 2: Error
## 3: Warning
## 4: Info
## 5: Debug
##
loglevel: 4
##
## rotation: Describe how to rotate logs. Either size and/or date can trigger
## log rotation. Setting count to N keeps N rotated logs. Setting count to 0
## does not disable rotation, it instead rotates the file and keeps no previous
## versions around. Setting size to X rotate log when it reaches X bytes.
## To disable rotation set the size to 0 and the date to ""
## Date syntax is taken from the syntax newsyslog uses in newsyslog.conf.
## Some examples:
## $D0 rotate every night at midnight
## $D23 rotate every day at 23:00 hr
## $W0D23 rotate every week on Sunday at 23:00 hr
## $W5D16 rotate every week on Friday at 16:00 hr
## $M1D0 rotate on the first day of every month at midnight
## $M5D6 rotate on every 5th day of the month at 6:00 hr
##
log_rotate_size: 10485760
log_rotate_date: ""
log_rotate_count: 1
##
## overload protection: If you want to limit the number of messages per second
## allowed from error_logger, which is a good idea if you want to avoid a flood
## of messages when system is overloaded, you can set a limit.
## 100 is ejabberd's default.
log_rate_limit: 100
##
## watchdog_admins: Only useful for developers: if an ejabberd process
## consumes a lot of memory, send live notifications to these XMPP
## accounts.
##
## watchdog_admins:
## - "admin#IISD43"
### ================
### SERVED HOSTNAMES
##
## hosts: Domains served by ejabberd.
## You can define one or several, for example:
## hosts:
## - "example.net"
## - "example.com"
## - "example.org"
##
hosts:
- "IISD43"
##
## route_subdomains: Delegate subdomains to other XMPP servers.
## For example, if this ejabberd serves example.org and you want
## to allow communication with an XMPP server called im.example.org.
##
## route_subdomains: s2s
### ===============
### LISTENING PORTS
##
## listen: The ports ejabberd will listen on, which service each is handled
## by and what options to start it with.
##
listen:
-
port: 5222
module: ejabberd_c2s
max_stanza_size: 65536
shaper: c2s_shaper
access: c2s
starttls: true
certfile: "C:\\Users\\IISU43\\AppData\\Roaming\\ejabberd\\conf\\server.pem"
## Custom OpenSSL options
##
## protocol_options:
## - "no_sslv3"
## - "no_tlsv1"
-
port: 5269
module: ejabberd_s2s_in
max_stanza_size: 131072
shaper: s2s_shaper
##
## ejabberd_service: Interact with external components (transports, ...)
##
## -
## port: 8888
## module: ejabberd_service
## access: all
## shaper_rule: fast
## ip: "127.0.0.1"
## hosts:
## "icq.example.org":
## password: "secret"
## "sms.example.org":
## password: "secret"
##
## ejabberd_stun: Handles STUN Binding requests
##
## -
## port: 3478
## transport: udp
## module: ejabberd_stun
##
## To handle XML-RPC requests that provide admin credentials:
##
## -
## port: 4560
## module: ejabberd_xmlrpc
-
port: 5280
module: ejabberd_http
request_handlers:
"/websocket": ejabberd_http_ws
# "/pub/archive": mod_http_fileserver
web_admin: true
http_poll: false
http_bind: true
## register: true
captcha: false
##
## s2s_use_starttls: Enable STARTTLS + Dialback for S2S connections.
## Allowed values are: false optional required required_trusted
## You must specify a certificate file.
##
## s2s_use_starttls: optional
##
## s2s_certfile: Specify a certificate file.
##
## s2s_certfile: "C:\\Users\\IISU43\\AppData\\Roaming\\ejabberd\\conf\\server.pem"
## Custom OpenSSL options
##
## s2s_protocol_options:
## - "no_sslv3"
## - "no_tlsv1"
##
## domain_certfile: Specify a different certificate for each served hostname.
##
## host_config:
## "example.org":
## domain_certfile: "C:\\Users\\IISU43\\AppData\\Roaming\\ejabberd\\conf\\example_org.pem"
## "example.com":
## domain_certfile: "C:\\Users\\IISU43\\AppData\\Roaming\\ejabberd\\conf\\example_com.pem"
##
## S2S whitelist or blacklist
##
## Default s2s policy for undefined hosts.
##
## s2s_policy: s2s
##
## Outgoing S2S options
##
## Preferred address families (which to try first) and connect timeout
## in milliseconds.
##
## outgoing_s2s_families:
## - ipv4
## - ipv6
## outgoing_s2s_timeout: 10000
### ==============
### AUTHENTICATION
##
## auth_method: Method used to authenticate the users.
## The default method is the internal.
## If you want to use a different method,
## comment this line and enable the correct ones.
##
auth_method: internal
##
## Store the plain passwords or hashed for SCRAM:
## auth_password_format: plain
## auth_password_format: scram
##
## Define the FQDN if ejabberd doesn't detect it:
## fqdn: "server3.example.com"
##
## Authentication using external script
## Make sure the script is executable by ejabberd.
##
## auth_method: external
## extauth_program: "/path/to/authentication/script"
##
## Authentication using ODBC
## Remember to setup a database in the next section.
##
## auth_method: odbc
##
## Authentication using PAM
##
## auth_method: pam
## pam_service: "pamservicename"
##
## Authentication using LDAP
##
## auth_method: ldap
##
## List of LDAP servers:
## ldap_servers:
## - "loalhost"
##
## Encryption of connection to LDAP servers:
## ldap_encrypt: none
## ldap_encrypt: tls
##
## Port to connect to on LDAP servers:
## ldap_port: 389
## ldap_port: 636
##
## LDAP manager:
## ldap_rootdn: "dc=example,dc=com"
##
## Password of LDAP manager:
## ldap_password: "******"
##
## Search base of LDAP directory:
## ldap_base: "dc=example,dc=com"
##
## LDAP attribute that holds user ID:
## ldap_uids:
## - "mail": "%u#mail.example.org"
##
## LDAP filter:
## ldap_filter: "(objectClass=shadowAccount)"
##
## Anonymous login support:
## auth_method: anonymous
## anonymous_protocol: sasl_anon | login_anon | both
## allow_multiple_connections: true | false
##
## host_config:
## "public.example.org":
## auth_method: anonymous
## allow_multiple_connections: false
## anonymous_protocol: sasl_anon
##
## To use both anonymous and internal authentication:
##
## host_config:
## "public.example.org":
## auth_method:
## - internal
## - anonymous
### ==============
### DATABASE SETUP
## ejabberd by default uses the internal Mnesia database,
## so you do not necessarily need this section.
## This section provides configuration examples in case
## you want to use other database backends.
## Please consult the ejabberd Guide for details on database creation.
##
## MySQL server:
##
## odbc_type: mysql
## odbc_server: "server"
## odbc_database: "database"
## odbc_username: "username"
## odbc_password: "password"
##
## If you want to specify the port:
## odbc_port: 1234
##
## PostgreSQL server:
##
## odbc_type: pgsql
## odbc_server: "server"
## odbc_database: "database"
## odbc_username: "username"
## odbc_password: "password"
##
## If you want to specify the port:
## odbc_port: 1234
##
## If you use PostgreSQL, have a large database, and need a
## faster but inexact replacement for "select count(*) from users"
##
## pgsql_users_number_estimate: true
##
## ODBC compatible or MSSQL server:
##
## odbc_type: odbc
## odbc_server: "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"
##
## Number of connections to open to the database for each virtual host
##
## odbc_pool_size: 10
##
## Interval to make a dummy SQL request to keep the connections to the
## database alive. Specify in seconds: for example 28800 means 8 hours
##
## odbc_keepalive_interval: undefined
### ===============
### TRAFFIC SHAPERS
shaper:
##
## The "normal" shaper limits traffic speed to 1000 B/s
##
normal: 1000
##
## The "fast" shaper limits traffic speed to 50000 B/s
##
fast: 50000
##
## This option specifies the maximum number of elements in the queue
## of the FSM. Refer to the documentation for details.
##
max_fsm_queue: 1000
###. ====================
###' ACCESS CONTROL LISTS
acl:
##
## The 'admin' ACL grants administrative privileges to XMPP accounts.
## You can put here as many accounts as you want.
##
admin:
user:
- "admin": "IISD43"
##
## Blocked users
##
## blocked:
## user:
## - "baduser": "example.org"
## - "test"
## Local users: don't modify this.
##
local:
user_regexp: ""
##
## More examples of ACLs
##
## jabberorg:
## server:
## - "jabber.org"
## aleksey:
## user:
## - "aleksey": "jabber.ru"
## test:
## user_regexp: "^test"
## user_glob: "test*"
##
## Loopback network
##
loopback:
ip:
- "127.0.0.0/8"
##
## Bad XMPP servers
##
## bad_servers:
## server:
## - "xmpp.zombie.org"
## - "xmpp.spam.com"
##
## Define specific ACLs in a virtual host.
##
## host_config:
## "localhost":
## acl:
## admin:
## user:
## - "bob-local": "localhost"
### ============
### ACCESS RULES
access:
## Maximum number of simultaneous sessions allowed for a single user:
max_user_sessions:
all: 10
## Maximum number of offline messages that users can have:
max_user_offline_messages:
admin: 5000
all: 100
## This rule allows access only for local users:
local:
local: allow
## Only non-blocked users can use c2s connections:
c2s:
blocked: deny
all: allow
## For C2S connections, all users except admins use the "normal" shaper
c2s_shaper:
admin: none
all: normal
## All S2S connections use the "fast" shaper
s2s_shaper:
all: fast
## Only admins can send announcement messages:
announce:
admin: allow
## Only admins can use the configuration interface:
configure:
admin: allow
## Admins of this server are also admins of the MUC service:
muc_admin:
admin: allow
## Only accounts of the local ejabberd server can create rooms:
muc_create:
local: allow
## All users are allowed to use the MUC service:
muc:
all: allow
## Only accounts on the local ejabberd server can create Pubsub nodes:
pubsub_createnode:
local: allow
## In-band registration allows registration of any possible username.
## To disable in-band registration, replace 'allow' with 'deny'.
register:
all: allow
## Only allow to register from localhost
trusted_network:
loopback: allow
## Do not establish S2S connections with bad servers
## s2s:
## bad_servers: deny
## all: allow
## By default the frequency of account registrations from the same IP
## is limited to 1 account every 10 minutes. To disable, specify: infinity
## registration_timeout: 600
##
## Define specific Access Rules in a virtual host.
##
## host_config:
## "localhost":
## access:
## c2s:
## admin: allow
## all: deny
## register:
## all: deny
### ================
### DEFAULT LANGUAGE
##
## language: Default language used for server messages.
##
language: "en"
##
## Set a different default language in a virtual host.
##
## host_config:
## "localhost":
## language: "ru"
### =======
### CAPTCHA
##
## Full path to a script that generates the image.
##
## captcha_cmd: "C:\\Program Files\\ejabberd-15.07\\lib\\ejabberd-15.07\\priv\\tools\\captcha.sh"
##
## Host for the URL and port where ejabberd listens for CAPTCHA requests.
##
## captcha_host: "example.org:5280"
##
## Limit CAPTCHA calls per minute for JID/IP to avoid DoS.
##
## captcha_limit: 5
### =======
### MODULES
##
## Modules enabled in all ejabberd virtual hosts.
##
modules:
mod_adhoc: []
mod_announce: # recommends mod_adhoc
access: announce
## mod_blocking: [] # requires mod_privacy
mod_caps: []
mod_carboncopy: []
mod_configure: [] # requires mod_adhoc
mod_disco: []
## mod_echo: []
## mod_irc: []
mod_http_bind: []
## mod_http_fileserver:
## docroot: "/var/www"
## accesslog: "C:\\Program Files\\ejabberd-15.07\\logs\\access.log"
mod_last: []
mod_muc:
## host: "conference.#HOST#"
access: muc
access_create: muc_create
access_persistent: muc_create
access_admin: muc_admin
## mod_muc_log: []
mod_offline:
access_max_user_messages: max_user_offline_messages
## mod_ping: []
## mod_pres_counter:
## count: 5
## interval: 60
mod_privacy: []
mod_private: []
## mod_proxy65: []
mod_pubsub:
access_createnode: pubsub_createnode
## reduces resource comsumption, but XEP incompliant
ignore_pep_from_offline: true
## XEP compliant, but increases resource comsumption
## ignore_pep_from_offline: false
last_item_cache: false
plugins:
- "flat"
- "hometree"
- "pep" # pep requires mod_caps
mod_register:
##
## Protect In-Band account registrations with CAPTCHA.
##
## captcha_protected: true
##
## Set the minimum informational entropy for passwords.
##
## password_strength: 32
##
## After successful registration, the user receives
## a message with this subject and body.
##
welcome_message:
subject: "Welcome!"
body: |-
Hi.
Welcome to this XMPP server.
##
## When a user registers, send a notification to
## these XMPP accounts.
##
## registration_watchers:
## - "admin1#example.org"
##
## Only clients in the server machine can register accounts
##
ip_access: trusted_network
##
## Local c2s or remote s2s users cannot register accounts
##
## access_from: deny
access: register
mod_roster: []
mod_shared_roster: []
## mod_time: []
mod_vcard: []
mod_version: []
##
## Enable modules with custom options in a specific virtual host
##
## append_host_config:
## "localhost":
## modules:
## mod_echo:
## host: "mirror.localhost"
##
## Enable modules management via ejabberdctl for installation and
## uninstallation of public/private contributed modules
## (enabled by default)
##
allow_contrib_modules: true
### Local Variables:
### mode: yaml
### End:
### vim: set filetype=yaml tabstop=8
As far as i got from config file it allows everyone for account creation, donno whether I am completely right.
Any pointer on resolving error appreciated

Modify these changes to you ejabberd.yml file.
## In-band registration allows registration of any possible username.
## To disable in-band registration, replace 'allow' with 'deny'.
register:
- allow
## Only allow to register from network.
trusted_network:
- allow: all