JSJaC connection to Openfire on remote host problem


so far I developed completey locally, having everything (Apache, Openfire, JSJaC application) on my laptop, running quite fine. Now I want to use remote server for Apache/Openfire. I did basically the same steps, incl. the whole http-bind stuff. I test the setting with simpleclient.html provided by JSJaC.

Now here’s the deal, if I use the simpleclient directly on the remote server - http://here.domain.org/simpleclient.html - it works. If I use it locally - http://localhost/simpleclient.html - and with the same settings I get an 503 (service unavailable). It seems to be more a network/Apache issue than Openfire/JSJaC one, but I’m not an expert.

My parameters for the simpleclient:

HTTP Base: http://here.domain.org/http-bind/

JabberServer: here.domain.org

So in my apach virtual host conf file I have the lines:

AddDefaultCharset UTF-8

ProxyReqests On

ProxyPass /http-bind/ http://localhost:7070/http-bind/

What I tried so far

  • checked if 7070 open from extern: yes

  • checked etc/hosts: localhost here.domain.org here

  • checked Apache conf for restrictions: can’t find any (but I’m not completely sure where to look at)

By the way, with,e.g., Pidgin I can connect from my laptop to the remote server. Just the JSJaC simpleclient won’t do. So I assume it’s the http-bind that causes the trouble. I would understand if port 7070 weren’t open, but it is.

Any hints or help are much appreciated!


Ok, I got it. It was a cross-domain scripting issue. I started looking into the JSJaC library and noticed that it makes XmlHttpRequests which by default won’t work across different domains. I therefore had to allow this with Apache on the Openfire-Server. I added the follwing entries in the VirtualHost conf file:

Header always set Access-Control-Allow-Origin "*"   
Header always set Access-Control-Methods "POST, GET, OPTIIONS"   
Header always set Access-Control-Allow-Credentials true   
Header always set Access-Control-Allow-Headers "Content-Type, *"

Of course the mod_headers module must be loaded for this.

I’m not sure which entries are actually required, I didn’t try every combinations. I think the always is needed since the request to the http-bind address is a proxy thingy.