Is it possible, and then how, to discover if the current server provides a MUC component with Smack?
I try to make the configuration for the end user as easy as possible. So that he has to enter just the JID and the password. If the server belonging to the JID has a MUC component, the component should be used for new MUCs. If the server provides no MUC component, a default MUC component is used.
You want to use XEP-0030 (Service Discovery) for this. ServiceDiscoveryManager provides an implementation. Call getInstanceFor(connection), then discoverItems("example.com"), then then discoverInfo(jid) for each item returned from discoverItems. The correct component will implement the http://jabber.org/protocol/muc feature.
Related
I developed chat application for mobile platform which uses eJabberd xmpp chat server configured in my public Ubuntu machine.
To make the server connection i used https://mydomainname.com:5280/http-bind so how to protect this to access only by my client application not others.
Now my serverĀ is accessible by any client like pidgin, adium etc How to block this.
You can modify ejabberd to have a custom authentication that integrate a variation from the specification and implement that in your client. That way, unmodified standard client will not be able to read it.
However, as your client is Javascript and code is visible, it will still be possible to patch existing client to implement your variation, but there is not way around this. The approach of "shared secret" means that if the secret is found, other clients could find a way to connect. The secret is even less difficult to find when your code is public (even if obfuscated).
So I'm starting to use Redis and Socket.io to broadcast events to the client side. I'm using Laravel for the backend and will take advantage of their event functionality.
Based on a user's access level, I only want them to listen to certain channels. I figured I could dynamically set the channels they will listen to, but I was worried about whether or not they could use a debugging tool or the sort to change the channel they're listening to.
For example, maybe the page will load listening on 'channel-100', but can they alter the code so that it can listen to any other channel, like to 'channel-110'?
I am not sure I can help specifically with Socket.io, but I can tell you how we have approached that in our realtime system, and this may apply to your problem.
Clients can request to attach to a channel, so it's the inverse of what you suggested i.e. clients decide what they listen to, server's don't decide. See how channels attach.
Now to address your concern of which clients can access which channels then, your Laravel app should be issuing a token that specifies what rights it has. As your Laravel app is responsible for identity management and knows who the user is, it is always best positioned to have this up to date information at any time. So your client should request a token from your Laravel app, which is passed to your Socket.io server, which should in turn then apply rules to allow / disallow requests to join those channels. That way your Socket.io server does not need to have any business logic embedded from your system, and issuing tokens is easy in your app.
See how we made token authentication can work with your app.
I realise it's not a direct answer, but I hope it helps how you think about it architecturally.
Matt, co-founder, Ably: simply better realtime
I want to write own XMPP client. I have jabber server. Is it real use XMPP library only register on server programaticaly?
I want to generate login, password prog-ly, then register prog-ly on server and start to chat. Or XMPP protocol doesn't allow have registering operation?
Registering an account via the XMPP protocol is known as in-band registration, defined in XEP-0077.
However, not all servers support this, or they have it disabled, or impose time/IP limits, as this makes it easy for people writing spambots (which hopefully you are not doing) to easily create multiple accounts automatically.
Like with most XMPP extensions, you can use Service Discovery to determine whether a server supports in-band registration.
I am working on xmpp protocol and I came across with Gateway concept, in which it allows to communicate to services which uses another protocol like msn,aim,yahoo etc ..
As far as I understand I beleive that it allows only 1 registration for a particular gateway at a time.For example I can register only 1 msn account at a time.I'am not sure if its really true.
Is it possible to register more that 1 account for a particular gateway and how?Please help me with this..
That is true. All gateways I know (e.g. spectrum) only allow one registration per instance. But you can run multiple instances of the smae gateway type e.g.:
icq1.jabberserver.com
icq2.jabberserver.com
That is, additional to run mutliple gateway components to different IM neworks, like
gtalk.jabberserver.com
irc.jabberserver.com
icq.jabberserver.com
msn.jabberserver.com
...
you also run multiple instances of the same gateway component on your server. Please not that this are (internal and/or external) components to your XMPP server and not individual XMPP servers!
I have a web application using XMPP for chatting. The only real problem is that users have to create their own XMPP account on the right server. I'd like to automate this process.
How do I automatically create a new XMPP account for a new user ? How do I know what address can be used or not for the account ?
There are a few different approaches:
Have the client register in-band. They can then choose their username themselves.
Connect to an existing user database, or interface with it directly.
The server might have some CLI or Web-based management tool that can be used.
As ggozad wrote, use the Add user command defined by Service Administration.
You need to implement (and your server to support) XEP-0133 Service Administration and in particular the add user command. You can create random user ids or generate them with some logic and store them somehow to check for uniqueness. The get-registered-users command might also be of help.