Hello,
I’m trying to make my private XMPP server using openfire and conversations app.
But I got a problem to make it.
For example, Domain of openfire server is A.com and domain of nginx reverse proxy server is B.com
And I tried username @ B,com to login in my conversations app.
But It said “Stream opening error” and can’t connect.
Is it possible to connect via username @ B,com?
My purpose is hiding my real host openfire server’s IP(domain) to client!
Just wanna show proxy domain when user try to login
Even I tried to use connection manager, It doesn’t work for me (I’m not sure If I used correctly… )
The XMPP domain name that is configured for Openfire and the hostname/IP address of the server(s) that is running Openfire do not need to be the same (or indeed relate to each-other).
There is no hiding the XMPP domain name from the server, as this value is used throughout the protocol. It forms a part of all of the XMPP addressing that’s going on.
As a rule of thumb: never use an IP address as the value for your XMPP domain name.
On the TCP/IP level, you can use different addresses though. You’d typically map between the XMPP-level and TCP-level addressing with DNS SRV records. In its simplest form, you would have record like these that map the XMPP client and server services for the XPP domain example.net to the hostname that’s providing the services (server.example.net)
_xmpp-client._tcp.example.net. 86400 IN SRV 5 0 5222 server.example.net.
_xmpp-server._tcp.example.net. 86400 IN SRV 5 0 5269 server.example.net.
Beyond this, you have limited options, that often result in half-backed hacks. You might be able to get a kind of reverse-proxy setup for just the BOSH / HttpBind endpoints, but your mileage will vary.
Overwise, Can u suggest how to make A.com is openfire server, B.com is like proxy and
If I try to connect username@B.com, pass through proxy B server and connect A.com(openfire server)?
The Connection Manager project is currently unmaintained, and has not had important updates for several years. I do no recommend using it.
The Ignite Realtime community does not produce software to act as a proxy. You might get somewhere with setting up generic reverse proxies (for BOSH) or things like Metre for server-to-server traffic - but to be frank: these add more complexity than fix generic security issues.
My advice for you would be to first learn to understand all of the networking aspects of running an XMPP domain, before preemptively putting things like proxies in place “for security”.