powered by Jive Software

Hazelcast Group User Permissions

The Hazelcast setup is working great except for one minor issue, for some reason when users permissions are updated for a group chat room, they’re not being replicated to the other servers in the cluster.

Right now we are using a single MySQL DB running version 5.1.62, CentOS 6.3, and Openfire 3.8.1.

I didn’t want to post the entire hazelcast config, so if there is any relavant part of it that would be helpful, please let me know and I’ll get it posted.

Thanks for any help anyone can provide.

–Nick Cappelletti

Just an update, a test cluster has been setup and we’ve determined that even clearing all cache on the server that the change wasn’t made on doesn’t fix the problem. The only time the server will read the changes from the DB is after a restart.

Does openfire cache the group chat user permissions for a room for a specific amount of time even when all cache is cleared?

Hi Nick -

I did a quick scan of the implementation (as I am not very familiar with MUC), and it appears the user permissions should be propagated across cluster nodes. Before we open a ticket for this one, can you provide a little more detail as to exactly what you’re doing/seeing?

  1. Do you know which permissions are affected, e.g. access (owner/admin/member) vs. role (moderator/participant/visitor)?
  2. How are you changing the user permissions? Openfire Admin console, or via Spark or other client?
  3. How are you validating that the changes did not get copied to the other cluster node(s)?
  4. Are there any exceptions or error messages in the logs on either of the cluster nodes?
  5. Idle rooms should be dropped from the cache after an hour (by default). Do the user perrmission appear to be propagated after an hour or so?

I don’t think we need to see your Hazelcast config just yet. With a bit more information I expect we can get a handle on the issue.

Hey Tom,

I’m working with Nick on our openfire setup, I did some testing tonight and here were my results:

  1. owner/admin/member all seem to be affected, owners and admins only show up in the ‘User Permissions’ page of the node they were added to. Members are a little different, when added it syncs to both nodes however when removed it only removes from one and stays listed on the other.

I confirmed the affiliation does appear to be getting added to the ofMucAffiliation table.

Roles seem to be okay, Don’t see a way to change them in the admin console so I’ve only testing changing with my client.

  1. We have tried both adding from the admin console and via client clients(mostly pidgin and adium). We mostly try and use the admin console.

  2. We are viewing the ‘User Permissions’ page (muc-room-affiliations.jsp) in the admin console. I’ve had users who connect to the node that does not show them as an admin and they do not have admin privileges, If they connect to the other node that does show their permissions they do have admin privileges.

Right now the work around is to add users to both nodes through the admin console. While this does work it is somewhat tedious for us.

  1. I created a test room and let it sit for about 2 hours and still only showing on one nodes ‘User Permissions’ page

Let me know if you need any more information.

Hi Tom,

I’m sure you’re busy, but I was curious if perhaps a bug was open for this problem or if there might be a work around/solution to this issue?



Hi Nick/Kevin -

Thanks for the additional detailed information. I have opened OF-665 to track this issue. I have left it unassigned for now, but hopefully either me or one of the other developers will be able to pick it up and take a look at this one soon.


OK - looks like we have a fix for this issue. Feel free to grab the latest build (dated 04-May-2013 and later) and give it a whirl.