Tigase XMPP Server Board

Tigase server administration: RE: Tigase HTTP REST API set up API key issue

Tue, 10/21/2014 - 09:41

1. you can use either - api-key parameter or Api-Key header
2. with --api-keys=open_access there shouldn't be any notification about requirement of valid key.

what do you mean by 'default password'? it uses admin account and it's password.

Categories: Tigase Forums

Tigase server administration: Tigase HTTP REST API set up API key issue

Tue, 10/21/2014 - 09:28

Hi,

When I access
http://localhost:8080/rest/users
I get this error
HTTP ERROR: 403 Problem accessing /rest/users. Reason: To access URI = '/rest/users' a valid api key is required

As instructed in tigase http api wiki https://projects.tigase.org/projects/tigase-http-api/wiki/Configuration I have done the following configuration in the etc/init.properties

--comp-name-5 = rest --comp-class-5 = tigase.http.rest.RestMessageReceiver --api-keys=open_access

I am using snapshot of tigase-server 5.2.3 from the stable branch.

  1. How should the API key be provided to the rest server, is it in the request header or in the GET parameter or somewhere else?
  2. Considering that I used the --api-keys=open_access in etc/init.properties shouldn't the API not request any key?
    1. If there is a default password what would that be?

Your help is much appreciated.

Thanks,
Pratap

Categories: Tigase Forums

Tigase server administration: RE: Problem with WSS (Tigase 5.2.0 - 5.2.2)

Tue, 10/21/2014 - 08:33

Yes i think you are right about self-signed certificate and websocket.
I will try a valid certificate.
Regards

Categories: Tigase Forums

Tigase server administration: RE: Problem with WSS (Tigase 5.2.0 - 5.2.2)

Tue, 10/21/2014 - 07:54

You can use self-signed certificates with Tigase XMPP Server, but from my observations browsers will reject self-signed certificates for WebSocket connections as they consider them as unsafe. In case of self-signed certificate for HTTPS connection (loading main page) browsers can ask user for confimation that SSL certificate is trusted but in case of WebSocket as it is used from JavaScript it would be difficult for browsers to popup additional questions and for this reason I suppose they reject self-signed or not verified certificates for WebSocket connections.

Categories: Tigase Forums

Tigase server administration: RE: Problem with WSS (Tigase 5.2.0 - 5.2.2)

Tue, 10/21/2014 - 06:49

I have generated a self-signed certificate with openssl but i still have error when connecting with websocket.
Can i use a self-signed certificate with tigase? Do you know if browsers accept self-signed certificate for websocket connections?

Thank you in advance

Categories: Tigase Forums

Tigase server development: Migrating from Prosody and salted SHA1 password hashes

Tue, 10/21/2014 - 06:31

Hi everyone,

I'm currently in the process of migrating the user base of a salted SHA1 backed Prosody to Tigase, and I'm stuck on the migration of the password hashes. Have you guys been through it?

I've been looking at the stored procedures that adds/updates users in https://repository.tigase.org/reps/tigase-server/trunk/database/postgresql-schema-4-sp.sql and your efforts regarding SCRAM https://projects.tigase.org/projects/tigase-server/repository/revisions/4bf9429209fe9f77c12c9cc510243625dc971750 and I was wondering how (if) they fit together.

What are you plans regarding supporting an user base relying on salted SHA1 hashes?

Categories: Tigase Forums

Tigase server administration: RE: Problem with WSS (Tigase 5.2.0 - 5.2.2)

Tue, 10/21/2014 - 06:11

Thank you for your quick answers.
I'm acutally trying to validate my certificate PEM file with openssl.
Regards

Categories: Tigase Forums

Tigase server administration: RE: Problem with WSS (Tigase 5.2.0 - 5.2.2)

Tue, 10/21/2014 - 06:09

I suppose this issue is related to the fact that browsers may reject connections to wss:// endpoint if SSL certificate is not valid or SSL certificate is not for proper domain or when SSL certificate is self-signed as browser will be unable to validate if certificate is valid and secure.

I would suggest to try to use openssl to verify if proper SSL certificate is served over wss:// endpoint and if certificate is valid.

Categories: Tigase Forums

Tigase server administration: RE: Problem with WSS (Tigase 5.2.0 - 5.2.2)

Tue, 10/21/2014 - 05:55

Most likely, Chrome has no idea that it should use SSL socket and attempts to connect over plain socket.

Andrzej: do you have any suggestions? Have you tested websockets over SSL?

Categories: Tigase Forums

Tigase server administration: Problem with WSS (Tigase 5.2.0 - 5.2.2)

Tue, 10/21/2014 - 05:34

Hello

i try to enable WebSocket over SSL in tigase
Everything works fine with plain websocket connection (ws://) but when i try to enable SSL on port 5291, brothers can not connect to wss:// on port 5291

My configuration works with a virtual host named "iash".

Here is my init.properties file :

--cluster-mode = false
config-type = --gen-config-def
--debug = server,ws2s
--user-db = derby
--admins = admin@isah
--user-db-uri = jdbc:mysql://172.20.1.62/dmz_dis_tigase?user=***&password=***
#user-db-uri = jdbc:derby:c:\\Tigase\\tigasedb
--virt-hosts = isah
--comp-name-3 = message-archive
--comp-class-3 = tigase.archive.MessageArchiveComponent
--comp-class-2 = tigase.socks5.Socks5ProxyComponent
--comp-name-2 = proxy
--comp-class-1 = tigase.muc.MUCComponent
--comp-name-1 = muc
--sm-plugins = +message-archive-xep-0136,+jabber:iq:auth,+urn:ietf:params:xml:ns:xmpp-sasl,+urn:ietf:params:xml:ns:xmpp-bind,+urn:ietf:params:xml:ns:xmpp-session,+jabber:iq:register,+jabber:iq:roster,+presence,+jabber:iq:privacy,+jabber:iq:version,+http://jabber.org/protocol/stats,+starttls,+msgoffline,+vcard-temp,+http://jabber.org/protocol/commands,+jabber:iq:private,+urn:xmpp:ping,+basic-filter,+domain-filter,+pep,-zlib
--tigase.cache = false
--comp-name-4 = ws2s
--comp-class-4 = tigase.server.websocket.WebSocketClientConnectionManager
ws2s/connections/ports[i]=5290,5291
ws2s/connections/5291/socket=ssl
ws2s/connections/5291/type=accept

Firefox logs :

"websocket supported" ChatManager.js:36
"Server URL: wss://isah:5291/http-bind/" ChatManager.js:37
"isah.Contacts.initConnection" Contacts.js:131
"isah.Contacts.authenticate" Contacts.js:134
L'utilisation de « getPreventDefault() » est obsolète. Utiliser « defaultPrevented » à la place. jquery-1.8.2.min.js:2
Firefox ne peut établir de connexion avec le serveur à l'adresse wss://isah:5291/http-bind/. jsjac.uncompressed.js:5198
"websocket error" jsjac.uncompressed.js:1749

"_handleError" ChatManager.js:129
<error code="503" type="cancel">

Chrome logs :

websocket supported ChatManager.js:36
Server URL: wss://isah:5291/http-bind/ ChatManager.js:37
isah.Contacts.initConnection Contacts.js:131
isah.Contacts.authenticate Contacts.js:134
WebSocket connection to 'wss://isah:5291/http-bind/' failed: WebSocket opening handshake was canceled jsjac.uncompressed.js:5198
websocket error jsjac.uncompressed.js:1749
_handleError ChatManager.js:129
<error code=​"503" type=​"cancel">​…​</error>​

I sent tigase log file in attachment

Do you have any ideas for this issue ?
Thanks a lot !

Thomas

Categories: Tigase Forums

Tigase server administration: RE: Installation issue

Tue, 10/21/2014 - 04:29

Hi Wojciech,

Thanks a lot for your help.

I completely ignored adding the configuration file.

It works perfect now.

Categories: Tigase Forums

Tigase server development: RE: Chat bot as component

Tue, 10/21/2014 - 04:26

That was it! Thanks!

Categories: Tigase Forums

Tigase server development: RE: deadlock !!

Tue, 10/21/2014 - 02:42

thx!

Categories: Tigase Forums

Tigase server development: RE: deadlock !!

Tue, 10/21/2014 - 02:40

I've created ticket - please follow it for resolution: #2415

Categories: Tigase Forums

Tigase server administration: RE: Installation issue

Tue, 10/21/2014 - 02:32

How do you start Tigase? It looks like you are not passing config file as an argument hence Tigase uses default and completely ignores your configuration. You should use (under linux), from tigase home directory:
scripts/tigase.sh start etc/tigase.conf

Categories: Tigase Forums

Tigase server administration: RE: Installation issue

Mon, 10/20/2014 - 22:24

Hi Wojciech,

I have done that.

I have attached the following three files you have requested for.

I am currently using Sun JDK 7 to run tigase on.

Categories: Tigase Forums

Tigase server development: RE: deadlock !!

Mon, 10/20/2014 - 19:01

Seems like at bad network, client try to reconnect again and agian. so two or more resource-bind request arrived the server in the same time. before resource-bind, the anonymous session locked itself and try to close others. when two sessions locked themslves and try to close each other, deadlock happen!

Categories: Tigase Forums

Tigase server administration: RE: Installation issue

Mon, 10/20/2014 - 07:51

Please share complete logs/tigase-console.log and logs/tigase.log.0 logs from clean startup after which the issue manifest itself. Please also modify etc/init.properties and have following debug settings enabled:
--debug=server,xmpp.impl,db

Categories: Tigase Forums

Tigase server administration: RE: Installation issue

Mon, 10/20/2014 - 04:24

I am unable to find any Authentication Repository errors. I also tried using the default Derby Database to avoid any database errors.

Categories: Tigase Forums

Tigase server development: RE: conection failed

Mon, 10/20/2014 - 03:12

Hm, in your client configuration do you use fixed bind resource name or allow server to configure it?

Categories: Tigase Forums

Pages

Get in touch

We provide software products, consulting and custom development services

Tigase, Inc.
100 Pine Street, Suite 1250
San Francisco, CA 94111, USA
Phone: (415) 315 9771

Follow us on:

Twitter

  • Stable communication in Tigase Messenger is due to servers operated by an experienced team. Tigase servers are... http://t.co/C9Unx5JPbA 1 day 15 hours ago
  • If you need a stable communication with the world Tigase Messenger is for you. Test it. http://t.co/CZeskBZgon 3 days 21 hours ago
Back to Top