Openfire Roster communication only

I am trying to implement a webchat using Openfire as a server. (at this moment i am using version 4.0.2) and implementing a web client using Strophe.js

I would like to know if there is a way to restrict the communication between users that are in their roster.


  • User Alice have in roster [Charlie]

  • User Bob have in roster [Charlie]

  • User Charlie have in roster [Alice, Bob]

So the users can only communicate with each ohter are:

Alice + Charlie

Bob + Charlie


Alice and Bob cannot talk with each other.

Other important thing would be the roster can only be managed by the administrator


I Have already made some experiences and at this moment with Openfire everybody can talk with everybody.

I have the same question in stackoverflow.

You can try limiting communication (and maybe new contact registration) using Packet Filter plugin and groups. Not sure, but maybe blocking IQs will not allow adding new contacts.

Managing contacts and groups with packet filter is humanly impossible since the amount of users i have.

You can set up privacy lists for all users that block messages based on (missing) presence subscription: XEP-0016: Privacy Lists

Note that by default, privacy lists can be managed by each end-user (so it’s easily circumvented). I don’t think that Openfire supports default privacy lists, so you’ll likely have to create some code to automatically create a suitable privacy list for (new) accounts.

As for blocking roster modifications (as well as presence subscription requests, which is much of the same thing), Openfire does not support its management out of the box. Again, you’ll have to introduce custom code (for instance, using a PacketInterceptor of sorts, similar to what @wroot suggested.