From 08ebf50480403aeab06a374b36531d8e81c153ae Mon Sep 17 00:00:00 2001
From: Badlop ejabberd is a free and open source instant messaging server written in Erlang. ejabberd is cross-platform, distributed, fault-tolerant, and based on open standards to achieve real-time communication. ejabberd is designed to be a rock-solid and feature rich XMPP server. ejabberd is suitable for small deployments, whether they need to be scalable or not, as well as extremely big deployments. This module implements XMPP over Bosh (formerly known as HTTP Binding)
+as defined in XEP-0124 and XEP-0206.
+It extends ejabberd’s built in HTTP service with a configurable
+resource at which this service will be hosted. To use HTTP-Binding, enable the module:
+ and add With this configuration, the module will serve the requests sent to
+ If you want to set the service in a different URI path or use a different module,
+you can configure it manually using the option The maximum inactivity period is by default 30 seconds.
+This can be configured with the module option max_inactivity.
+For example, to set 50 seconds:
+ This simple module serves files from the local disk over HTTP. Options:
This module adds support for Last Activity (XEP-0012). It can be used to
discover when a disconnected user last accessed the server, to know when a
connected user was last active on the server, or to query the uptime of the
@@ -2052,7 +2103,7 @@ connected user was last active on the server, or to query the uptime of the
iqdisc This module provides a Multi-User Chat (XEP-0045) service.
Users can discover existing rooms, join or create them.
Occupants of a room can chat in public or have private chats. Some of the features of Multi-User Chat:
@@ -2275,7 +2326,7 @@ the newly created rooms have by default those options.
...
]}.
This module enables optional logging of Multi-User Chat (MUC) public conversations to
HTML. Once you enable this module, users can join a room using a MUC capable
Jabber client, and if they have enough privileges, they can request the
@@ -2395,7 +2446,7 @@ top link will be the default This module implements offline message storage. This means that all messages
sent to an offline user will be stored on the server until that user comes
online again. Thus it is very similar to how email works. Note that
@@ -2426,7 +2477,7 @@ and all the other users up to 100.
...
]}.
This module implements Blocking Communication (also known as Privacy Rules)
as defined in section 10 from XMPP IM. If end users have support for it in
their Jabber client, they will be able to:
@@ -2454,7 +2505,7 @@ subscription type (or globally).
iqdisc This module adds support for Private XML Storage (XEP-0049):
This module implements SOCKS5 Bytestreams (XEP-0065).
It allows ejabberd to act as a file transfer proxy between two
XMPP clients. Options:
@@ -2521,7 +2572,7 @@ The simpliest configuration of the module:
...
]}.
This module offers a Publish-Subscribe Service (XEP-0060).
The functionality in mod_pubsub can be extended using plugins.
The plugin that implements PEP (Personal Eventing via Pubsub) (XEP-0163)
@@ -2567,7 +2618,7 @@ The following example will use node_tune instead of node_pep for every PEP node
...
]}.
This module adds support for In-Band Registration (XEP-0077). This protocol
enables end users to use a Jabber client to:
This module implements roster management as defined in RFC 3921: XMPP IM. Options:
This module adds support for logging end user packets via a Jabber message
auditing service such as
Bandersnatch. All user
@@ -2676,7 +2727,7 @@ To log all end user packets to the Bandersnatch service running on
...
]}.
This module enables you to create shared roster groups. This means that you can
create groups of people that can see members from (other) groups in their
rosters. The big advantages of this feature are that end users do not need to
@@ -2751,7 +2802,7 @@ roster groups as shown in the following table:
This module adds support for Statistics Gathering (XEP-0039). This protocol
allows you to retrieve next statistics from your ejabberd deployment:
This module features support for Entity Time (XEP-0090). By using this XEP,
you are able to discover the time at another entity’s location. Options:
This module allows end users to store and retrieve their vCard, and to retrieve
other users vCards, as defined in vcard-temp (XEP-0054). The module also
implements an uncomplicated Jabber User Directory based on the vCards of
@@ -2845,7 +2896,7 @@ and that all virtual hosts will be searched instead of only the current one:
...
]}.
ejabberd can map LDAP attributes to vCard fields. This behaviour is
implemented in the mod_vcard_ldap module. This module does not depend on the
authentication method (see 3.2.5). Note that ejabberd treats LDAP as a read-only storage:
@@ -3021,7 +3072,7 @@ searching his info in LDAP. This module implements Software Version (XEP-0092). Consequently, it
answers ejabberd’s version when queried. Options:
With the ejabberdctl command line administration script
+ With the ejabberdctl command line administration script
you can execute ejabberdctl commands (described in the next section, 4.1.1)
and also many general ejabberd commands (described in section 4.2).
This means you can start, stop and perform many other administrative tasks
@@ -3043,7 +3094,7 @@ and other codes may be used for specific results.
This can be used by other scripts to determine automatically
if a command succeeded or failed,
for example using: echo $? When ejabberdctl is executed without any parameter,
+ When ejabberdctl is executed without any parameter,
it displays the available options. If there isn’t an ejabberd server running,
the available parameters are:
ejabberd is an Erlang/OTP application that runs inside an Erlang runtime system.
+ ejabberd is an Erlang/OTP application that runs inside an Erlang runtime system.
This system is configured using environment variables and command line parameters.
The ejabberdctl administration script uses many of those possibilities.
You can configure some of them with the file ejabberdctl.cfg,
@@ -3148,7 +3199,7 @@ Starts the Erlang system detached from the system console.
Note that some characters need to be escaped when used in shell scripts, for instance An ejabberd command is an abstract function identified by a name,
+ An ejabberd command is an abstract function identified by a name,
with a defined number and type of calling arguments and type of result
that is registered in the ejabberd_commands service.
Those commands can be defined in any Erlang module and executed using any valid frontend. ejabberd includes a frontend to execute ejabberd commands: the script ejabberdctl.
@@ -3156,7 +3207,7 @@ Other known frontends that can be installed to execute ejabberd commands in diff
ejabberd_xmlrpc (XML-RPC service),
mod_rest (HTTP POST service),
mod_shcommands (ejabberd WebAdmin page). ejabberd includes a few ejabberd Commands by default.
+ ejabberd includes a few ejabberd Commands by default.
When more modules are installed, new commands may be available in the frontends. The easiest way to get a list of the available commands, and get help for them is to use
the ejabberdctl script:
The frontends can be configured to restrict access to certain commands.
+ The frontends can be configured to restrict access to certain commands.
In that case, authentication information must be provided.
In each frontend the AccessCommands option is defined
in a different place. But in all cases the option syntax is the same:
@@ -3242,7 +3293,7 @@ and the provided arguments do not contradict Arguments. As an example to u
{_bot_reg_test, [register, unregister], [{host, "test.org"}]}
]
The ejabberd Web Admin allows to administer most of ejabberd using a web browser. This feature is enabled by default:
a ejabberd_http listener with the option web_admin (see
section 3.1.3) is included in the listening ports. Then you can open
@@ -3314,13 +3365,13 @@ The file is searched by default in
The directory of the documentation can be specified in
the environment variable EJABBERD_DOC_PATH.
See section 4.1.2. If you enable mod_configure and mod_adhoc,
+ If you enable mod_configure and mod_adhoc,
you can perform several administrative tasks in ejabberd
with a Jabber client.
The client must support Ad-Hoc Commands (XEP-0050),
and you must login in the Jabber server with
an account with proper privileges. ejabberd uses the distributed Mnesia database.
+ ejabberd uses the distributed Mnesia database.
Being distributed, Mnesia enforces consistency of its file,
so it stores the name of the Erlang node in it (see section 5.4).
The name of an Erlang node includes the hostname of the computer.
@@ -3357,8 +3408,8 @@ mv /var/lib/ejabberd/*.* /var/lib/ejabberd/oldfiles/
You need to take the following TCP ports in mind when configuring your firewall:
epmd (Erlang Port Mapper Daemon)
+ epmd (Erlang Port Mapper Daemon)
is a small name server included in Erlang/OTP
and used by Erlang programs when establishing distributed Erlang communications.
ejabberd needs epmd to use ejabberdctl and also when clustering ejabberd nodes.
@@ -3394,7 +3445,7 @@ but can be configured in the file ejabberdctl.cfg.
The Erlang command-line parameter used internally is, for example:
The Erlang cookie is a string with numbers and letters.
+ The Erlang cookie is a string with numbers and letters.
An Erlang node reads the cookie at startup from the command-line parameter -setcookie.
If not indicated, the cookie is read from the cookie file $HOME/.erlang.cookie.
If this file does not exist, it is created immediately with a random cookie.
@@ -3408,7 +3459,7 @@ to prevent unauthorized access or intrusion to an Erlang node.
The communication between Erlang nodes are not encrypted,
so the cookie could be read sniffing the traffic on the network.
The recommended way to secure the Erlang node is to block the port 4369. An Erlang node may have a node name.
+ An Erlang node may have a node name.
The name can be short (if indicated with the command-line parameter -sname)
or long (if indicated with the parameter -name).
Starting an Erlang node with -sname limits the communication between Erlang nodes to the LAN. Using the option -sname instead of -name is a simple method
@@ -3417,7 +3468,7 @@ However, it is not ultimately effective to prevent access to the Erlang node,
because it may be possible to fake the fact that you are on another network
using a modified version of Erlang epmd.
The recommended way to secure the Erlang node is to block the port 4369. ejabberd stores sensible data in the file system either in plain text or binary files.
+ ejabberd stores sensible data in the file system either in plain text or binary files.
The file system permissions should be set to only allow the proper user to read,
write and execute those files and directories. A Jabber domain is served by one or more ejabberd nodes. These nodes can
be run on different machines that are connected via a network. They all
must have the ability to connect to port 4369 of all another nodes, and must
@@ -3453,29 +3504,29 @@ router,
This module is the main router of Jabber packets on each node. It
routes them based on their destination’s domains. It uses a global
routing table. The domain of the packet’s destination is searched in the
routing table, and if it is found, the packet is routed to the
appropriate process. If not, it is sent to the s2s manager. This module routes packets which have a destination domain equal to
one of this server’s host names. If the destination JID has a non-empty user
part, it is routed to the session manager, otherwise it is processed depending
on its content. This module routes packets to local users. It looks up to which user
resource a packet must be sent via a presence table. Then the packet is
either routed to the appropriate c2s process, or stored in offline
storage, or bounced back. This module routes packets to other Jabber servers. First, it
checks if an opened s2s connection from the domain of the packet’s
source to the domain of the packet’s destination exists. If that is the case,
the s2s manager routes the packet to the process
serving this connection, otherwise a new connection is opened. Suppose you already configured ejabberd on one machine named (first),
and you need to setup another one to make an ejabberd cluster. Then do
following steps: You can repeat these steps for other machines supposed to serve this
domain. ejabberd includes an algorithm to load balance the components that are plugged on an ejabberd cluster. It means that you can plug one or several instances of the same component on each ejabberd cluster and that the traffic will be automatically distributed. The default distribution algorithm try to deliver to a local instance of a component. If several local instances are available, one instance is chosen randomly. If no instance is available locally, one instance is chosen randomly among the remote component instances. If you need a different behaviour, you can change the load balancing behaviour with the option domain_balancing. The syntax of the option is the following: Several balancing criteria are available:
Chapter 1 Introduction
ejabberdctl register admin1 example.org FgT5bk3
-
{acl, admins, {user, "admin1", "example.org"}}.
@@ -1886,7 +1887,7 @@ message is sent to all registered users. If the user is online and connected
to several resources, only the resource with the highest priority will receive
the message. If the registered user is not connected, the message will be
stored offline in assumption that offline storage
-(see section 3.3.10) is enabled.
+(see section 3.3.11) is enabled.
3.3.6 mod_http_bind
{modules,
+ [
+ ...
+ {mod_http_bind, []},
+ ...
+]}.
+
http_bind
in the HTTP service. For example:
+{listen,
+ [
+ ...
+ {5280, ejabberd_http, [
+ http_bind,
+ http_poll,
+ web_admin
+ ]
+ },
+ ...
+]}.
+
http://example.org:5280/http-bind/
+Remember that this page is not designed to be used by web browsers,
+it is used by Jabber clients that support XMPP over Bosh.request_handlers
.
+For example:
+{listen,
+ [
+ ...
+ {5280, ejabberd_http, [
+ {request_handlers, [{["http-bind"], mod_http_bind}]},
+ http_poll,
+ web_admin
+ ]
+ },
+ ...
+]}.
+
{modules,
+ [
+ ...
+ {mod_http_bind, [ {max_inactivity, 50} ]},
+ ...
+]}.
-3.3.6 mod_http_fileserver
3.3.7 mod_http_fileserver
-3.3.7 mod_last
3.3.8 mod_last
3.3.8 mod_muc
3.3.9 mod_muc
3.3.9 mod_muc_log
3.3.10 mod_muc_log
<a href="/">Home</a>
.
...
]}.
3.3.10 mod_offline
3.3.11 mod_offline
3.3.11 mod_privacy
3.3.12 mod_privacy
3.3.12 mod_private
3.3.13 mod_private
Using this method, Jabber entities can store private data on the server and
@@ -2466,7 +2517,7 @@ of client-specific preferences; another is Bookmark Storage ( This specifies
the processing discipline for Private XML Storage (jabber:iq:private) IQ queries (see section 3.3.2).
-
-3.3.13 mod_proxy65
3.3.14 mod_proxy65
3.3.14 mod_pubsub
3.3.15 mod_pubsub
3.3.15 mod_register
3.3.16 mod_register
-3.3.16 mod_roster
3.3.17 mod_roster
-3.3.17 mod_service_log
3.3.18 mod_service_log
3.3.18 mod_shared_roster
3.3.19 mod_shared_roster
3.3.19 mod_stats
3.3.20 mod_stats
-3.3.20 mod_time
3.3.21 mod_time
-3.3.21 mod_vcard
3.3.22 mod_vcard
3.3.22 mod_vcard_ldap
3.3.23 mod_vcard_ldap
3.3.23 mod_version
3.3.24 mod_version
-Chapter 4 Managing an ejabberd Server
-4.1 ejabberdctl
Chapter 4 Managing an ejabberd Server
+4.1 ejabberdctl
4.1.1 ejabberdctl Commands
4.1.1 ejabberdctl Commands
4.1.2 Erlang Runtime System
4.1.2 Erlang Runtime System
"
and {}
.
You can find other options in the Erlang manual page (erl -man erl).4.2 ejabberd Commands
4.2 ejabberd Commands
4.2.1 List of ejabberd Commands
4.2.1 List of ejabberd Commands
$ ejabberdctl help
@@ -3196,7 +3247,7 @@ exist tutorials to migrate
in offline storage. This might be useful when the number of offline messages
is very high.
-
-4.2.2 Restrict Execution with AccessCommands
4.2.2 Restrict Execution with AccessCommands
4.3 Web Admin
4.3 Web Admin
4.4 Ad-hoc Commands
4.4 Ad-hoc Commands
4.5 Change Computer Hostname
4.5 Change Computer Hostname
Chapter 5 Securing ejabberd
-5.1 Firewall Settings
Chapter 5 Securing ejabberd
+5.1 Firewall Settings
-
@@ -3369,7 +3420,7 @@ After you finish, remember to delete the temporary backup files from public dire
Port Description port range Used for connections between Erlang nodes. This range is configurable (see section 5.2). 5.2 epmd
5.2 epmd
erl ... -kernel inet_dist_listen_min 4370 inet_dist_listen_max 4375
-5.3 Erlang Cookie
5.3 Erlang Cookie
5.4 Erlang Node Name
5.4 Erlang Node Name
5.5 Securing Sensible Files
5.5 Securing Sensible Files
-Chapter 6 Clustering
Chapter 6 Clustering
-6.1 How it Works
6.1 How it Works
6.1.1 Router
6.1.1 Router
6.1.2 Local Router
6.1.2 Local Router
6.1.3 Session Manager
6.1.3 Session Manager
6.1.4 s2s Manager
6.1.4 s2s Manager
6.2 Clustering Setup
6.2 Clustering Setup
access
’ options because they will be taken from
enabled only on one machine in the cluster.
6.3 Service Load-Balancing
6.3 Service Load-Balancing
-6.3.1 Components Load-Balancing
-6.3.2 Domain Load-Balancing Algorithm
6.3.1 Components Load-Balancing
+6.3.2 Domain Load-Balancing Algorithm
{domain_balancing, "component.example.com", <balancing_criterium>}.
When there is a risk of failure for a given component, domain balancing can cause service trouble. If one component is failing the service will not work correctly unless the sessions are rebalanced.
In this case, it is best to limit the problem to the sessions handled by the failing component. This is what the domain_balancing_component_number option does, making the load balancing algorithm not dynamic, but sticky on a fix number of component instances.
The syntax is the following:
{domain_balancing_component_number, "component.example.com", N}-
An ejabberd node writes two log files: +
An ejabberd node writes two log files:
The Debug Console is an Erlang shell attached to an already running ejabberd server. +
The Debug Console is an Erlang shell attached to an already running ejabberd server. With this Erlang shell, an experienced administrator can perform complex tasks.
This shell gives complete control over the ejabberd server, so it is important to use it with extremely care. There are some simple and safe examples in the article Interconnecting Erlang Nodes
To exit the shell, close the window or press the keys: control+c control+c.
-ejabberd includes a watchdog mechanism that may be useful to developers when troubleshooting a problem related to memory usage. If a process in the ejabberd server consumes more memory than the configured threshold, @@ -3576,7 +3627,7 @@ or in a conversation with the watchdog alert bot.
Example configuration: To remove all watchdog admins, set the option with an empty list:
{watchdog_admins, []}.-
The source code of ejabberd supports localization. The translators can edit the gettext .po files @@ -3611,9 +3662,9 @@ HTTP header ‘Accept-Language: ru’
Release notes are available from ejabberd Home Page
-Thanks to all people who contributed to this guide: +
Thanks to all people who contributed to this guide:
Ejabberd Installation and Operation Guide.
+
Ejabberd Installation and Operation Guide.
Copyright © 2003 — 2009 ProcessOne
This document is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 diff --git a/doc/guide.tex b/doc/guide.tex index e613106dd..7b0b46c47 100644 --- a/doc/guide.tex +++ b/doc/guide.tex @@ -68,6 +68,7 @@ \newcommand{\modconfigure}{\module{mod\_configure}} \newcommand{\moddisco}{\module{mod\_disco}} \newcommand{\modecho}{\module{mod\_echo}} +\newcommand{\modhttpbind}{\module{mod\_http\_bind}} \newcommand{\modhttpfileserver}{\module{mod\_http\_fileserver}} \newcommand{\modlast}{\module{mod\_last}} \newcommand{\modlastodbc}{\module{mod\_last\_odbc}} @@ -94,10 +95,13 @@ \newcommand{\modversion}{\module{mod\_version}} %% Contributed modules -\usepackage{ifthen} -\newboolean{modhttpbind} -\newcommand{\modhttpbind}{\module{mod\_http\_bind}} -\include{contributed_modules} +%\usepackage{ifthen} +%\newboolean{modhttpbind} +%\newcommand{\modhttpbind}{\module{mod\_http\_bind}} +%\include{contributed_modules} +% +% Then in the document you can input the partial tex file with: +%\ifthenelse{\boolean{modhttpbind}}{\input{mod_http_bind.tex}}{} %% Common options \newcommand{\iqdiscitem}[1]{\titem{iqdisc} \ind{options!iqdisc}This specifies @@ -2647,7 +2651,70 @@ Example: Mirror, mirror, on the wall, who is the most beautiful ]}. \end{verbatim} -\ifthenelse{\boolean{modhttpbind}}{\input{mod_http_bind.tex}}{} +\makesubsection{modhttpbind}{\modhttpbind{}} +\ind{modules!\modhttpbind{}}\ind{modhttpbind} + +This module implements XMPP over Bosh (formerly known as HTTP Binding) +as defined in \xepref{0124} and \xepref{0206}. +It extends ejabberd's built in HTTP service with a configurable +resource at which this service will be hosted. + +To use HTTP-Binding, enable the module: +\begin{verbatim} +{modules, + [ + ... + {mod_http_bind, []}, + ... +]}. +\end{verbatim} +and add \verb|http_bind| in the HTTP service. For example: +\begin{verbatim} +{listen, + [ + ... + {5280, ejabberd_http, [ + http_bind, + http_poll, + web_admin + ] + }, + ... +]}. +\end{verbatim} +With this configuration, the module will serve the requests sent to +\verb|http://example.org:5280/http-bind/| +Remember that this page is not designed to be used by web browsers, +it is used by Jabber clients that support XMPP over Bosh. + +If you want to set the service in a different URI path or use a different module, +you can configure it manually using the option \verb|request_handlers|. +For example: +\begin{verbatim} +{listen, + [ + ... + {5280, ejabberd_http, [ + {request_handlers, [{["http-bind"], mod_http_bind}]}, + http_poll, + web_admin + ] + }, + ... +]}. +\end{verbatim} + +The maximum inactivity period is by default 30 seconds. +This can be configured with the module option \term{max\_inactivity}. +For example, to set 50 seconds: +\begin{verbatim} +{modules, + [ + ... + {mod_http_bind, [ {max_inactivity, 50} ]}, + ... +]}. +\end{verbatim} \makesubsection{modhttpfileserver}{\modhttpfileserver{}} \ind{modules!\modhttpfileserver{}}\ind{modhttpfileserver} diff --git a/src/ejabberd.cfg.example b/src/ejabberd.cfg.example index 8be6b1316..a97356824 100644 --- a/src/ejabberd.cfg.example +++ b/src/ejabberd.cfg.example @@ -155,6 +155,7 @@ %% {["pub", "archive"], mod_http_fileserver}, %% ]}, captcha, + http_bind, http_poll, web_admin ]} @@ -478,6 +479,7 @@ {mod_configure,[]}, % requires mod_adhoc {mod_disco, []}, %%{mod_echo, [{host, "echo.localhost"}]}, + {mod_http_bind, []}, %%{mod_http_fileserver, [ %% {docroot, "/var/www"}, %% {accesslog, "/var/log/ejabberd/access.log"}