Permissions: "These users can register" NOT working

Openfire Plugins Kraken - IM Gateway
1

Hi,

I have 1.0 beta 6b on wildfire 3.1.1 installed. The users can connect to the transport (MSN in my first situation) BUT ONLY when I set the permissions to " All users can register". Only with this the gateway and connection is working fine.

Setting “These users can register” and I fill in the username as used in the admin panel (bob) and even the full JID the user who wants to connect get the following error: Server Error: (Code 400) Can not continue.

In addition a suggestion:

Sorry to say that, but the “Manual Registration” can only get partial acceptance from me. Will mean, that as an admin of wildfire, I only want to add the JID and the transport to which the user is allowed, or should be able to use, and nothing more.

I don’‘t want to mess around, and don’'t want to know even,username, password or even nickname.

All this info should stay with the user who is using the transport. Make it short simple and secure like:

bob@foojabber.com > MSN

willy@foojabber.com > AIM

and so on. I don’'t want to offend, just my thoughts

turbo

2

turbo wrote:

Hi,

I have 1.0 beta 6b on wildfire 3.1.1 installed. The users can connect to the transport (MSN in my first situation) BUT ONLY when I set the permissions to " All users can register". Only with this the gateway and connection is working fine.

Setting “These users can register” and I fill in the username as used in the admin panel (bob) and even the full JID the user who wants to connect get the following error: Server Error: (Code 400) Can not continue.

In addition a suggestion:

Sorry to say that, but the “Manual Registration” can only get partial acceptance from me. Will mean, that as an admin of wildfire, I only want to add the JID and the transport to which the user is allowed, or should be able to use, and nothing more.

I don’‘t want to mess around, and don’'t want to know even,username, password or even nickname.

All this info should stay with the user who is using the transport. Make it short simple and secure like:

bob@foojabber.com > MSN

willy@foojabber.com > AIM

and so on. I don’'t want to offend, just my thoughts

While I agree that I wouldn’‘t ever want to see my end user’‘s passwords and such, I added that option because it was requested. Effectively what you are asking for is “These users can register”… just list out the users who should be permitted to register and let them do it. That said, something appears to be “wrong” with that. =( Are you using LDAP for your user base perchance? The server error 400 is not one I expected to see. You don’'t have javascript turned off or anything like that do you?

3

Hi jadestorm,

No, not using LDAP or anything similiar. And why “Java script” ? We are using Pandion, no browser involved.

AS you mentioned correct, I just want to list the users who should be allowed to use the gateway.

And as I said, turning this off and the connection is just fine, works as expected

turbo

4

Javascript was in reference to when you set up the user permissions in the web admin interface.

5

sorry for the late reply,

I just had to rebuild my main machine.

YES, Java script was/is enabled when using the admin interface of Wildfire.

turbo

6

Does anything at all appear in any of your wildfire logs when the error occurs? (from the web admin interface)

7

jadestorm,

If you mean errors showing on the screen in the web admin interface: NO. It just saves fine and the error message is in the client (Pandion we use).

I found a warning log in the wildfire dir and here is a snipped of the failed connection. It looks like that the plugin is not able to lookup the usernames of the system or the one I had added. Remember: I added at one time only the username ex. bob and at another try I used the full JID as bob@foo.com

2007.01.29 22:41:16 Group not found while adding access rules.

2007.01.29 22:52:42 User not found while adding access rules.

2007.01.29 22:52:42 Group not found while adding access rules.

2007.01.29 22:54:01 Autocreating jiveID row for type ‘‘125’’

2007.01.29 23:00:23 Group not found while adding access rules.

2007.01.29 23:01:22 User xxxxxx@xxxxxx.com not found while adding access rules.

2007.01.29 23:01:22 Group not found while adding access rules.

2007.01.29 23:02:52 User not found while adding access rules.

2007.01.29 23:02:52 Group not found while adding access rules.

2007.01.29 23:06:02 User xyz@xxxxx.com not found while adding access rules.

2007.01.29 23:06:03 Group not found while adding access rules.

2007.01.29 23:06:32 User not found while adding access rules.

2007.01.29 23:06:32 Group not found while adding access rules.

2007.01.29 23:07:54 User not found while adding access rules.

2007.01.29 23:07:54 Group not found while adding access rules.

I just marked out the real addresses.

If setting to “Every one can access” the connection to the other IM system is done fine.

turbo

8

Hrm. Looks like it’‘s seeing a lot of “blank” users and groups. It shouldn’'t be seeing them. ponder Ok first off, entering the full JID is definitely not supported yet. (GATE-173) Did you you enter your users on multiple lines, using carriage returns?

turbo wrote:

I just marked out the real addresses.

If setting to “Every one can access” the connection to the other IM system is done fine.

turbo

jadestorm,

If you mean errors showing on the screen in the web admin interface: NO. It just saves fine and the error message is in the client (Pandion we use).

I found a warning log in the wildfire dir and here is a snipped of the failed connection. It looks like that the plugin is not able to lookup the usernames of the system or the one I had added. Remember: I added at one time only the username ex. bob and at another try I used the full JID as bob@foo.com

2007.01.29 22:41:16 Group not found while adding access rules.

2007.01.29 22:52:42 User not found while adding access rules.

2007.01.29 22:52:42 Group not found while adding access rules.

2007.01.29 22:54:01 Autocreating jiveID row for type ‘‘125’’

2007.01.29 23:00:23 Group not found while adding access rules.

2007.01.29 23:01:22 User xxxxxx@xxxxxx.com not found while adding access rules.

2007.01.29 23:01:22 Group not found while adding access rules.

2007.01.29 23:02:52 User not found while adding access rules.

2007.01.29 23:02:52 Group not found while adding access rules.

2007.01.29 23:06:02 User xyz@xxxxx.com not found while adding access rules.

2007.01.29 23:06:03 Group not found while adding access rules.

2007.01.29 23:06:32 User not found while adding access rules.

2007.01.29 23:06:32 Group not found while adding access rules.

2007.01.29 23:07:54 User not found while adding access rules.

2007.01.29 23:07:54 Group not found while adding access rules.

9

jadestorm,

right now I have only 4 users and only added 1 user in the box to test. I am a strong believer in security and that was the main reason to test

Adding more than 1user, I would have done it line by line. How should it look like with more than 1 user ?

turbo

10

Oh it shouldn’‘t mattter =D I was just trying to track down why you were seeing those messages in your logs. I tracked it down earlier today and in theory should have the fixes for that committed tonight. Of course, I don’'t know yet whether it will affect what you were running into.

11

Let me know here when you have something to test.

turbo