Reject Messages by users which are not subscribed to each other

Openfire Openfire Support
1

Hello everyone,

for a few weeks now I’m working with XMPP servers, but I cannot find any environment running like it should or pass all my requirements. A small information about what I am going to do:

My Openfire is using my AD. I’m using MUC Bookmarks to autojoin a MUC. I’m using Group-Share-Roster function to build fixed-rosters.

I have Groups of users which shall be able to comunicate with eath other of the same Group - only of the same group. I have to be sure that no user can communicate with a user of another group. This is the most important thing here. Every group got her own MUC. Users shall only be able and allowed to join this MUC’s they are assigned to. User may not search or add any contacts. This is the second most important thing.

So far, Group Bookmarks running fine by using this Client Management Plugin. I disable search functions, and this seem to work.

I can use the Packet Filter Rules Plugin or the Subscrition Plugin to reject all subscriptions except for specific users. And here I got a problem:

**If I try to add a user on user1, it sends a subscription request which is obvious getting rejected. BUT, the user2 is still shown as offline with a question mark icon in user1’s list. The user2 I wanted to add doesn’t get shown anything so far. User2 is not in the list but I you can still message him, and my user2 which got nothing to see yet, receives the message. I need to fix this, otherwise I can unisntall the complete XMPP things right now, because this is a K.O. aspect for my environment. **

Can you guys help me out please?

A few other things which are making problems:

- Users shall not see any other MUC, and they may not join any other too … I have no idea how I could handle this. I said only registered users can join the MUC, but without using passwords, you can still get into the room - just click add room, join room, then you can see whos in there, and read what other occupans are writing. These others see you but they don’t see what you wrote. I need to fix this too.

  • When pressing once the refresh conference.myhost.com button the view is not showing any room I’m actual in … is there a known fix for this bug?i couldn’t find any fix for it …

  • Is it possible to edit the sparkweb client? If I could just modify it: delete the tab conferences, delete the x on the MUC-Tabs, delete the button add contact, that you only thee those the administrator put into your roster, and you only see the MUCs your autojoining … Sparkweb is developed in Flash, isn’t it?

I really hope anyone can help me out please, I’m trying to get a environment running for a few weeks now, openfire is actual the favorited one, even if I have to use olde version cause SparkWeb is still buggin on the latest release ^^

Best Regards.

2

for a few weeks now I’m working with XMPP servers, but I cannot find any environment running like it should or pass all my requirements.

Yes, because you have a lot relative specific requirements.

I have Groups of users which shall be able to comunicate with eath other of the same Group - only of the same group.

Sounds like it would be covered by XEP-0016: Privacy Lists.

=> Create a privacy list with an item like in Example 30.

Users shall only be able and allowed to join this MUC’s they are assigned to.

You probably need to configure the MUC room as “members-only” and add each member. I don’t think it’s possible to register a whole roster group to a MUC room.

User may not search or add any contacts

Deny searching could be hard to do, since it’s a server module. I don’t know if Privacy Lists can block IQs to server modules. Otherwise you need again Privacy Lists (XEP-0016) and deny presence and IQ stanzas.

**If I try to add a user on user1, it sends a subscription request which is obvious getting rejected. BUT, the user2 is still shown as offline with a question mark icon in user1’s list. The user2 I wanted to add doesn’t get shown anything so far. User2 is not in the list but I you can still message him, and my user2 which got nothing to see yet, receives the message. I need to fix this, otherwise I can unisntall the complete XMPP things right now, because this is a K.O. aspect for my environment. **

Can you guys help me out please?

Again Privacy Lists…

I don’t know what the Packet Filter Plugin does, but it sounds like it would work similar to a Privacy List.

Users shall not see any other MUC, and they may not join any other too … I have no idea how I could handle this. I said only registered users can join the MUC, but without using passwords, you can still get into the room - just click add room, join room, then you can see whos in there, and read what other occupans are writing. These others see you but they don’t see what you wrote. I need to fix this too.
Same as above. Make a members-only room and add the allowed members to the member list, either in Openfire’s admin UI or via XMPP.

3

Yes, because you have a lot relative specific requirements.

Yeah that’s true ^.^

Sounds like it would be covered by http://xmpp.org/extensions/xep-0016.html#protocol-message.

=> Create a privacy list with an item like in Example 30.

I’m hearing the first time about this privacy lists, I read and actual reading this article but I’m not sure if this can help me out. “Example 30. User blocks based on roster group - As a result of creating and applying the foregoing list, the user will not receive messages from any entities in the specified roster group.” For me this sounds like I have to add all those groups the user should block. This is impossible for the usage … too many groups ^^

I could also imagine “” that this means he’s blocking everything not in the message-group-example group. If it is this way, I need to learn where I place those files and how to work with them and use them.

You probably need to configure the MUC room as “members-only” and add each member. I don’t think it’s possible to register a whole roster group to a MUC room.

Adding each member is not possible because I got too many of them too. But I’m using Grouping by LDAP and using Group Bookmars. This works fine. You can append groups on a MUC. I seriously used members-only a few times, this never worked with Group-Bookmars. For any reason now it seems to work (Did another try using this because I wanted to be sure what I’m posting here ) - I’ll do some tests on it later.

Deny searching could be hard to do, since it’s a server module. I don’t know if Privacy Lists can block IQs to server modules. Otherwise you need again Privacy Lists (XEP-0016) and deny presence and IQ stanzas.

Like I said I was able to forbidd to search for users. But you can still add others. - But here too, I have to get into the topic of this XEP things.

Again Privacy Lists…

I don’t know what the Packet Filter Plugin does, but it sounds like it would work similar to a Privacy List.

Packet Filter Plugin: In case that you’re interested in: “The packet filter plugin allows you to create rules that will block or reject certain packets to the server” you can choose a packet type, where it comes from, to, and what to do, pass/reject/drop …

Same as above. Make a members-only room and add the allowed members to the member list, either in Openfire’s admin UI or via XMPP.

We got this above :wink:

So far, thank you very much sir for this reply.

Best Regards.

4

I could fix the join MUC problem if not assigned by changing the configuration to member-only like I said. Seems to work.

Edit: I was trying out some more and I still got a problem. When making

By changing default MUC configuration I could prevent other users for creating MUCs, but when I do a GroupBookmark and I do members only, noone of the members can join a room, because group bookmarks doesn’t register users to a room.

The only thing now I need to fix is that user can message others…I’ll go deeper in the XEP t hing now I guess. But feel free to give me some tips if anyone know something about it.

Best Regards.