Using Openfire 4.7 and the monitor plugin and having rooms configured to be permanent with history.
Archive History is available from a deleted room if a new room is created with the same name.
This affects all rooms but is problematic for secure rooms, i.e. Password.
Delete a Password protected Room and create a room with the same name but do not make it password protected.
A chat user can enter the new room and search for the chat history of the room without having had the permissions.
Has anybody any comments on this?