powered by Jive Software

Blocking Jabber messages from external servers?

Hello. First I’‘d like to say that your software is excellent and I appreciate the work you’‘ve done a lot. Right now I’‘m using it to run a Jabber server at my workplace for some new software that’‘s going to be used by the Virginia Department of Transportation to supplement their current communication framework. I’'m writing a standalone Flash application that communicates to the Jabber server and creates chat rooms based around “incidents” (like car crashes, congestion, etc.) so that the people in the field with their laptops can coordinate their responses to the incident better. It works really well, so I have to say thank you first and foremost.

That being said, I was wondering if it were possible to restrict access to the Jabber server and the user rosters from the admin client. Suppose a user logged in from another IM client (such as Gaim) and edited their roster to include users who aren’'t on the same network. Is there a way to kick those users off of their roster, or at least disable messaging between them, by stopping any such messages on the server?

Sorry if this feature is already available and I’‘m just too oblivious to see it… If this feature isn’‘t available, it seems like it could be a useful tool for isolating a network for many applications such as mine, and I can’'t imagine it would be too difficult to include.

Thanks for your assistance. I’‘ll probably check this board again to see if there are responses, but feel free to e-mail me also if you’'d like to discuss the issue more.

Hey Randolph,

That’'s a nice feature request. Currently you have two options.

Option 1:

Log into the Admin Console, click on the Server to Server page and disable the service. This option won’‘t let other servers connect to your server so local users will not receive messages from remote users. However, it is possible to send messages unless the server is listed in the “Not Allowed to Connect” section or does not appear in the “White List” table when White List is enabled. I’'m going to modify this logic so that if the service is disabled then not only the server will not let remote users send messages to local users but also prevent local users from sending messages to remote users.

Option 2:

Write a PacketInterceptor that will reject packets whose domain does not match the local server domain.

Regards,

– Gato

Hey Randolph,

You may use the next nightly build that includes a fix for JM-361. The new version will disable sending packets if the s2s service is disabled.

Thanks,

– Gato

Wow, I hadn’‘t realized that you had added the S2S stuff on the 2nd. Thanks for the incredibly fast response. I’‘ll see if I can install a new version (I wasn’‘t the one who installed it the first time around, and I’‘m leaving on vacation after today so I’‘d rather not break things before I go, which I’'ve been known to do… ).

Thanks again. I’‘m thinking of using this to integrate Jabber access into a web based chat room I’‘ve made during my personal time, but we’‘ll see if that actually happens. It would be awesome but it’'s hard to find the time. Keep up the good work.