mirror of
https://github.com/processone/ejabberd.git
synced 2024-10-11 15:08:56 +02:00
*** empty log message ***
SVN Revision: 50
This commit is contained in:
parent
2aa3c1c720
commit
b88ff5f323
160
doc/guide.html
160
doc/guide.html
@ -116,7 +116,7 @@ runned on them. Each element of list is a tuple with following elements:
|
||||
<LI> <TT>ejabberd_s2s_in</TT>: serves incoming S2S connections;
|
||||
|
||||
<LI> <TT>ejabberd_service</TT>: serves connections to Jabber services (i.e.
|
||||
that used <TT>jabber:component:accept</TT> namespace).
|
||||
that use <TT>jabber:component:accept</TT> namespace).
|
||||
</UL>For example, following configuration defines that C2S connections listened on
|
||||
port 5222, S2S on port 5269 and that service <TT>conference.jabber.org</TT>
|
||||
must be connected to port 8888 with password ``<TT>secret</TT>''.<BR>
|
||||
@ -130,7 +130,48 @@ must be connected to port 8888 with password ``<TT>secret</TT>''.<BR>
|
||||
|
||||
<H4>3.1.3 Access Rules</H4><!--SEC END -->
|
||||
|
||||
<A NAME="sec:configaccess"></A>TBD<BR>
|
||||
<A NAME="sec:configaccess"></A>Access control in <TT>ejabberd</TT> is done via Access Control Lists (ACL). In
|
||||
config file they looks like this:
|
||||
<PRE>
|
||||
{acl, <aclname>, {<acltype>, ...}}.
|
||||
</PRE><TT><acltype></TT> can be one of following:
|
||||
<DL COMPACT=compact>
|
||||
<DT>
|
||||
<TT>all</TT><DD> Matches all JIDs. Example:
|
||||
<PRE>
|
||||
{acl, all, all}.
|
||||
</PRE>
|
||||
<DT><TT>{user, <username>}</TT><DD> Matches local user with name
|
||||
<TT><username></TT>. Example:
|
||||
<PRE>
|
||||
{acl, admin, {user, "aleksey"}}.
|
||||
</PRE>
|
||||
<DT><TT>{user, <username>, <server>}</TT><DD> Matches user with JID
|
||||
<TT><username>@<server></TT>. Example:
|
||||
<PRE>
|
||||
{acl, admin, {user, "aleksey", "jabber.ru"}}.
|
||||
</PRE>
|
||||
<DT><TT>{server, <server>}</TT><DD> Matches any JID from server
|
||||
<TT><server></TT>. Example:
|
||||
<PRE>
|
||||
{acl, jabberorg, {server, "jabber.org"}}.
|
||||
</PRE></DL>Allowing or denying of different services is like this:
|
||||
<PRE>
|
||||
{access, <accessname>, [{allow, <aclname>},
|
||||
{deny, <aclname>},
|
||||
...
|
||||
]}.
|
||||
</PRE>When JID is checked to have access to <TT><accessname></TT>, server
|
||||
sequentially checks if this JID in one of the ACLs that are second elements in
|
||||
eache tuple in list. If one of them matched, then returned first element of
|
||||
matched tuple. Else returned ``<TT>deny</TT>''.<BR>
|
||||
<BR>
|
||||
Example:
|
||||
<PRE>
|
||||
{access, configure, [{allow, admin}]}.
|
||||
{access, something, [{deny, badmans},
|
||||
{allow, all}]}.
|
||||
</PRE>TBD<BR>
|
||||
<BR>
|
||||
<!--TOC subsubsection Modules-->
|
||||
|
||||
@ -151,9 +192,9 @@ Example:
|
||||
{mod_stats, []},
|
||||
{mod_vcard, []},
|
||||
{mod_offline, []},
|
||||
{mod_echo, [{host, "echo.e.localhost"}]},
|
||||
{mod_echo, [{host, "echo.localhost"}]},
|
||||
{mod_private, []},
|
||||
{mod_time, [{pdisc, no_queue}]},
|
||||
{mod_time, [{iqdisc, no_queue}]},
|
||||
{mod_version, []}
|
||||
]}.
|
||||
</PRE><!--TOC subsection Online Configuration-->
|
||||
@ -172,7 +213,63 @@ TBD<BR>
|
||||
|
||||
<H2>4 Distribution</H2><!--SEC END -->
|
||||
|
||||
<A NAME="sec:distribution"></A><!--TOC section Built-in Modules-->
|
||||
<A NAME="sec:distribution"></A><!--TOC subsection How it works-->
|
||||
|
||||
<H3>4.1 How it works</H3><!--SEC END -->
|
||||
|
||||
<A NAME="sec:howitworks"></A>Jabber domain is served by one or more <TT>ejabberd</TT> nodes. This nodes can be
|
||||
runned on different computers that can be connected via network. They all must
|
||||
have access to connect to port 4369 of all another nodes, and must have same
|
||||
magic cookie (see Erlang/OTP documentation, in short file
|
||||
<TT>ejabberd/.erlang.cookie</TT> must be the same on all nodes). This is
|
||||
needed because all nodes exchange information about connected users, S2S
|
||||
connection ,registered services, etc...<BR>
|
||||
<BR>
|
||||
Each <TT>ejabberd</TT> node run following modules:
|
||||
<UL>
|
||||
<LI>
|
||||
router;
|
||||
|
||||
<LI> local router.
|
||||
|
||||
<LI> session manager;
|
||||
|
||||
<LI> S2S manager;
|
||||
</UL><!--TOC subsubsection Router-->
|
||||
|
||||
<H4>4.1.1 Router</H4><!--SEC END -->
|
||||
This module is the main router of Jabber packets on each node. It route
|
||||
them based on their destanations domains. It have two tables: local and global
|
||||
routes. First, domain of packet destination searched in local table, and if it
|
||||
finded, then packet routed to appropriate process. If no, then it searched in
|
||||
global table, and routed to appropriate <TT>ejabberd</TT> node or process. If it not
|
||||
exists in both tables, then it sended to S2S manager.<BR>
|
||||
<BR>
|
||||
<!--TOC subsubsection Local Router-->
|
||||
|
||||
<H4>4.1.2 Local Router</H4><!--SEC END -->
|
||||
This module route packets which have destination domain equal to this server
|
||||
name. If destination JID have node, then it routed to session manager, else it
|
||||
processed depending on it content.<BR>
|
||||
<BR>
|
||||
<!--TOC subsubsection Session Manager-->
|
||||
|
||||
<H4>4.1.3 Session Manager</H4><!--SEC END -->
|
||||
This module route packets to local users. It search to what user resource
|
||||
packet must be sended via presence table. If this reseouce connected to this
|
||||
node, it routed to C2S process, if it connected via another node, then packet
|
||||
sended to session manager on it.<BR>
|
||||
<BR>
|
||||
<!--TOC subsubsection S2S Manager-->
|
||||
|
||||
<H4>4.1.4 S2S Manager</H4><!--SEC END -->
|
||||
This module route packets to another Jabber servers. First, it check if
|
||||
to domain of packet destination from domain of source already opened S2S
|
||||
connection. If it opened on another node, then it routed to S2S manager on
|
||||
that node, if it opened on this node, then it routed to process that serve this
|
||||
connection, and if this connection not exists, then it opened and registered.<BR>
|
||||
<BR>
|
||||
<!--TOC section Built-in Modules-->
|
||||
|
||||
<H2>5 Built-in Modules</H2><!--SEC END -->
|
||||
|
||||
@ -209,7 +306,20 @@ queries. Possible values are:
|
||||
<PRE>
|
||||
{modules, [
|
||||
...
|
||||
{mod_time, [{pdisc, no_queue}]},
|
||||
{mod_time, [{iqdisc, no_queue}]},
|
||||
...
|
||||
]}.
|
||||
</PRE><!--TOC subsubsection Option <TT>host</TT>-->
|
||||
|
||||
<H4>5.1.2 Option <TT>host</TT></H4><!--SEC END -->
|
||||
Some modules may act as services, and wants to have different domain name.
|
||||
This option explicitly defines this name.<BR>
|
||||
<BR>
|
||||
Example:
|
||||
<PRE>
|
||||
{modules, [
|
||||
...
|
||||
{mod_echo, [{host, "echo.myjabber.org"}]},
|
||||
...
|
||||
]}.
|
||||
</PRE><!--TOC subsection <TT>mod_register</TT>-->
|
||||
@ -232,7 +342,17 @@ queries. Possible values are:
|
||||
|
||||
<H3>5.6 <TT>mod_stats</TT></H3><!--SEC END -->
|
||||
|
||||
<A NAME="sec:modstats"></A><!--TOC subsection <TT>mod_vcard</TT>-->
|
||||
<A NAME="sec:modstats"></A>This module adds support of
|
||||
<A HREF="http://www.jabber.org/jeps/jep-0039.html">JEP-0039</A> (Statistics Gathering).<BR>
|
||||
<BR>
|
||||
Options:
|
||||
<DL COMPACT=compact>
|
||||
<DT>
|
||||
<TT>iqdisc</TT><DD> <TT>http://jabber.org/protocol/stats</TT> IQ queries
|
||||
processing discipline.
|
||||
</DL>TBD about access.<BR>
|
||||
<BR>
|
||||
<!--TOC subsection <TT>mod_vcard</TT>-->
|
||||
|
||||
<H3>5.7 <TT>mod_vcard</TT></H3><!--SEC END -->
|
||||
|
||||
@ -248,15 +368,35 @@ queries. Possible values are:
|
||||
|
||||
<H3>5.10 <TT>mod_private</TT></H3><!--SEC END -->
|
||||
|
||||
<A NAME="sec:modprivate"></A><!--TOC subsection <TT>mod_time</TT>-->
|
||||
<A NAME="sec:modprivate"></A>This module adds support of
|
||||
<A HREF="http://www.jabber.org/jeps/jep-0049.html">JEP-0049</A> (Private XML
|
||||
Storage).<BR>
|
||||
<BR>
|
||||
Options:
|
||||
<DL COMPACT=compact>
|
||||
<DT>
|
||||
<TT>iqdisc</TT><DD> <TT>jabber:iq:private</TT> IQ queries processing discipline.
|
||||
</DL><!--TOC subsection <TT>mod_time</TT>-->
|
||||
|
||||
<H3>5.11 <TT>mod_time</TT></H3><!--SEC END -->
|
||||
|
||||
<A NAME="sec:modtime"></A><!--TOC subsection <TT>mod_version</TT>-->
|
||||
<A NAME="sec:modtime"></A>This module answers UTC time on <TT>jabber:iq:time</TT> queries.<BR>
|
||||
<BR>
|
||||
Options:
|
||||
<DL COMPACT=compact>
|
||||
<DT>
|
||||
<TT>iqdisc</TT><DD> <TT>jabber:iq:time</TT> IQ queries processing discipline.
|
||||
</DL><!--TOC subsection <TT>mod_version</TT>-->
|
||||
|
||||
<H3>5.12 <TT>mod_version</TT></H3><!--SEC END -->
|
||||
|
||||
<A NAME="sec:modversion"></A><!--HTMLFOOT-->
|
||||
<A NAME="sec:modversion"></A>This module answers <TT>ejabberd</TT> version on <TT>jabber:iq:version</TT> queries.<BR>
|
||||
<BR>
|
||||
Options:
|
||||
<DL COMPACT=compact>
|
||||
<DT>
|
||||
<TT>iqdisc</TT><DD> <TT>jabber:iq:version</TT> IQ queries processing discipline.
|
||||
</DL><!--HTMLFOOT-->
|
||||
<!--ENDHTML-->
|
||||
|
||||
<!--FOOTER-->
|
||||
|
153
doc/guide.tex
153
doc/guide.tex
@ -1,4 +1,4 @@
|
||||
\documentclass[12pt]{article}
|
||||
\documentclass[10pt]{article}
|
||||
|
||||
\usepackage{graphics}
|
||||
\usepackage{hevea}
|
||||
@ -8,6 +8,7 @@
|
||||
\newcommand{\imgscale}{0.7}
|
||||
|
||||
|
||||
\newcommand{\ns}[1]{\texttt{#1}}
|
||||
\newcommand{\ejabberd}{\texttt{ejabberd}}
|
||||
\newcommand{\Jabber}{Jabber}
|
||||
|
||||
@ -144,7 +145,7 @@ Currently three modules implemented:
|
||||
\item \texttt{ejabberd\_c2s}: serves C2S connections;
|
||||
\item \texttt{ejabberd\_s2s\_in}: serves incoming S2S connections;
|
||||
\item \texttt{ejabberd\_service}: serves connections to \Jabber{} services (i.e.
|
||||
that used \texttt{jabber:component:accept} namespace).
|
||||
that use \texttt{jabber:component:accept} namespace).
|
||||
\end{itemize}
|
||||
|
||||
For example, following configuration defines that C2S connections listened on
|
||||
@ -162,7 +163,54 @@ must be connected to port 8888 with password ``\texttt{secret}''.
|
||||
\subsubsection{Access Rules}
|
||||
\label{sec:configaccess}
|
||||
|
||||
TBD
|
||||
Access control in \ejabberd{} is done via Access Control Lists (ACL). In
|
||||
config file they looks like this:
|
||||
\begin{verbatim}
|
||||
{acl, <aclname>, {<acltype>, ...}}.
|
||||
\end{verbatim}
|
||||
|
||||
\texttt{<acltype>} can be one of following:
|
||||
\begin{description}
|
||||
\item[\texttt{all}] Matches all JIDs. Example:
|
||||
\begin{verbatim}
|
||||
{acl, all, all}.
|
||||
\end{verbatim}
|
||||
\item[\texttt{\{user, <username>\}}] Matches local user with name
|
||||
\texttt{<username>}. Example:
|
||||
\begin{verbatim}
|
||||
{acl, admin, {user, "aleksey"}}.
|
||||
\end{verbatim}
|
||||
\item[\texttt{\{user, <username>, <server>\}}] Matches user with JID
|
||||
\texttt{<username>@<server>}. Example:
|
||||
\begin{verbatim}
|
||||
{acl, admin, {user, "aleksey", "jabber.ru"}}.
|
||||
\end{verbatim}
|
||||
\item[\texttt{\{server, <server>\}}] Matches any JID from server
|
||||
\texttt{<server>}. Example:
|
||||
\begin{verbatim}
|
||||
{acl, jabberorg, {server, "jabber.org"}}.
|
||||
\end{verbatim}
|
||||
\end{description}
|
||||
|
||||
Allowing or denying of different services is like this:
|
||||
\begin{verbatim}
|
||||
{access, <accessname>, [{allow, <aclname>},
|
||||
{deny, <aclname>},
|
||||
...
|
||||
]}.
|
||||
\end{verbatim}
|
||||
When JID is checked to have access to \texttt{<accessname>}, server
|
||||
sequentially checks if this JID in one of the ACLs that are second elements in
|
||||
eache tuple in list. If one of them matched, then returned first element of
|
||||
matched tuple. Else returned ``\texttt{deny}''.
|
||||
|
||||
Example:
|
||||
\begin{verbatim}
|
||||
{access, configure, [{allow, admin}]}.
|
||||
{access, something, [{deny, badmans},
|
||||
{allow, all}]}.
|
||||
\end{verbatim}
|
||||
|
||||
|
||||
|
||||
\subsubsection{Modules}
|
||||
@ -183,7 +231,7 @@ Example:
|
||||
{mod_stats, []},
|
||||
{mod_vcard, []},
|
||||
{mod_offline, []},
|
||||
{mod_echo, [{host, "echo.e.localhost"}]},
|
||||
{mod_echo, [{host, "echo.localhost"}]},
|
||||
{mod_private, []},
|
||||
{mod_time, [{iqdisc, no_queue}]},
|
||||
{mod_version, []}
|
||||
@ -206,7 +254,58 @@ TBD
|
||||
\label{sec:distribution}
|
||||
|
||||
|
||||
\subsection{How it works}
|
||||
\label{sec:howitworks}
|
||||
|
||||
\Jabber{} domain is served by one or more \ejabberd{} nodes. This nodes can be
|
||||
runned on different computers that can be connected via network. They all must
|
||||
have access to connect to port 4369 of all another nodes, and must have same
|
||||
magic cookie (see Erlang/OTP documentation, in short file
|
||||
\texttt{\~ejabberd/.erlang.cookie} must be the same on all nodes). This is
|
||||
needed because all nodes exchange information about connected users, S2S
|
||||
connection ,registered services, etc...
|
||||
|
||||
Each \ejabberd{} node run following modules:
|
||||
\begin{itemize}
|
||||
\item router;
|
||||
\item local router.
|
||||
\item session manager;
|
||||
\item S2S manager;
|
||||
\end{itemize}
|
||||
|
||||
|
||||
\subsubsection{Router}
|
||||
|
||||
This module is the main router of \Jabber{} packets on each node. It route
|
||||
them based on their destanations domains. It have two tables: local and global
|
||||
routes. First, domain of packet destination searched in local table, and if it
|
||||
finded, then packet routed to appropriate process. If no, then it searched in
|
||||
global table, and routed to appropriate \ejabberd{} node or process. If it not
|
||||
exists in both tables, then it sended to S2S manager.
|
||||
|
||||
|
||||
\subsubsection{Local Router}
|
||||
|
||||
This module route packets which have destination domain equal to this server
|
||||
name. If destination JID have node, then it routed to session manager, else it
|
||||
processed depending on it content.
|
||||
|
||||
|
||||
\subsubsection{Session Manager}
|
||||
|
||||
This module route packets to local users. It search to what user resource
|
||||
packet must be sended via presence table. If this reseouce connected to this
|
||||
node, it routed to C2S process, if it connected via another node, then packet
|
||||
sended to session manager on it.
|
||||
|
||||
|
||||
\subsubsection{S2S Manager}
|
||||
|
||||
This module route packets to another \Jabber{} servers. First, it check if
|
||||
to domain of packet destination from domain of source already opened S2S
|
||||
connection. If it opened on another node, then it routed to S2S manager on
|
||||
that node, if it opened on this node, then it routed to process that serve this
|
||||
connection, and if this connection not exists, then it opened and registered.
|
||||
|
||||
|
||||
\section{Built-in Modules}
|
||||
@ -250,6 +349,23 @@ Example:
|
||||
]}.
|
||||
\end{verbatim}
|
||||
|
||||
|
||||
\subsubsection{Option \texttt{host}}
|
||||
|
||||
Some modules may act as services, and wants to have different domain name.
|
||||
This option explicitly defines this name.
|
||||
|
||||
Example:
|
||||
\begin{verbatim}
|
||||
{modules, [
|
||||
...
|
||||
{mod_echo, [{host, "echo.myjabber.org"}]},
|
||||
...
|
||||
]}.
|
||||
\end{verbatim}
|
||||
|
||||
|
||||
|
||||
\subsection{\modregister{}}
|
||||
\label{sec:modregister}
|
||||
|
||||
@ -273,7 +389,16 @@ Example:
|
||||
\subsection{\modstats{}}
|
||||
\label{sec:modstats}
|
||||
|
||||
This module adds support of
|
||||
\footahref{http://www.jabber.org/jeps/jep-0039.html}{JEP-0039} (Statistics Gathering).
|
||||
|
||||
Options:
|
||||
\begin{description}
|
||||
\item[\texttt{iqdisc}] \ns{http://jabber.org/protocol/stats} IQ queries
|
||||
processing discipline.
|
||||
\end{description}
|
||||
|
||||
TBD about access.
|
||||
|
||||
\subsection{\modvcard{}}
|
||||
\label{sec:modvcard}
|
||||
@ -293,16 +418,36 @@ Example:
|
||||
\subsection{\modprivate{}}
|
||||
\label{sec:modprivate}
|
||||
|
||||
This module adds support of
|
||||
\footahref{http://www.jabber.org/jeps/jep-0049.html}{JEP-0049} (Private XML
|
||||
Storage).
|
||||
|
||||
Options:
|
||||
\begin{description}
|
||||
\item[\texttt{iqdisc}] \ns{jabber:iq:private} IQ queries processing discipline.
|
||||
\end{description}
|
||||
|
||||
\subsection{\modtime{}}
|
||||
\label{sec:modtime}
|
||||
|
||||
This module answers UTC time on \ns{jabber:iq:time} queries.
|
||||
|
||||
Options:
|
||||
\begin{description}
|
||||
\item[\texttt{iqdisc}] \ns{jabber:iq:time} IQ queries processing discipline.
|
||||
\end{description}
|
||||
|
||||
|
||||
\subsection{\modversion{}}
|
||||
\label{sec:modversion}
|
||||
|
||||
This module answers \ejabberd{} version on \ns{jabber:iq:version} queries.
|
||||
|
||||
Options:
|
||||
\begin{description}
|
||||
\item[\texttt{iqdisc}] \ns{jabber:iq:version} IQ queries processing discipline.
|
||||
\end{description}
|
||||
|
||||
|
||||
|
||||
|
||||
|
@ -21,17 +21,6 @@
|
||||
|
||||
start() ->
|
||||
register(ejabberd_local, spawn(ejabberd_local, init, [])),
|
||||
%mod_register:start(one_queue),
|
||||
%mod_roster:start(one_queue),
|
||||
%mod_configure:start(one_queue),
|
||||
%mod_disco:start(one_queue),
|
||||
%mod_stats:start(one_queue),
|
||||
%mod_vcard:start(one_queue),
|
||||
%mod_offline:start(),
|
||||
%mod_echo:start(),
|
||||
%mod_private:start(one_queue),
|
||||
%mod_time:start(one_queue),
|
||||
%mod_version:start(one_queue),
|
||||
ok.
|
||||
|
||||
init() ->
|
||||
|
Loading…
Reference in New Issue
Block a user