Having {--virt-hosts=domain.net:-anon:register}; Can we filter unknown ANONYMOUS messages

Hamid Alimohammadi
Added about 4 years ago

Hi,

We randomly receive some anonymous messages initiated by unknown users like "d062cd1a-1306-4f68-9bc2-19d43dd751e7@domain.net".

After checking the log files, we noticed "Anon=true" and "PERMISSION=ANONYM" (kindly check the readouts below from the tigase.log.0 file).

On the Tigase documentation site, I found the option --virt-hosts=domain.net:-anon:register

Do you think that by adding --virt-hosts=domain.net:-anon:register to our init.properties we can fix the problem?

Recently the number of random messages has increased. Just out of curiosity: do you know what might be the origin of these messages?

Any help is highly appreciated.


2014-12-16 15:40:55.374 [in_21-sess-man]   SessionManager.processPacket()     FINEST:   Packet processed by: [urn:ietf:params:xml:ns:xmpp-sasl]
2014-12-16 15:40:55.374 [urn:ietf:params:xml:ns:xmpp-sasl Queue Worker 1]  SessionManager.handleLogin()  FINEST: handleLogin called for: d062cd1a-1306-4f68-9bc2-19d43dd751e7@domain.net, conn_id: XMPPResourceConnection=[user_jid=null, packets=1, connectioId=c2s@domain.net/10.10.10.71_5222_11.11.11.152_49955, domain=domain.net, authState=AUTHORIZED, *isAnon=true*, isTmp=false]
2014-12-16 15:40:55.374 [urn:ietf:params:xml:ns:xmpp-sasl Queue Worker 1]  SessionManager.registerNewSession()  FINEST: Created new XMPPSession for: d062cd1a-1306-4f68-9bc2-19d43dd751e7@domain.net
2014-12-16 15:40:55.375 [in_5-message-router]  MessageRouter.processPacket()  FINEST:   Processing packet: from=sess-man@domain.net, to=c2s@domain.net/10.10.10.71_5222_11.11.11.152_49955, DATA=<success xmlns="urn:ietf:params:xml:ns:xmpp-sasl"/>, SIZE=51, XMLNS=urn:ietf:params:xml:ns:xmpp-sasl, PRIORITY=NORMAL, PERMISSION=ANONYM, TYPE=null
2014-12-16 15:40:55.375 [in_5-message-router]  MessageRouter.getLocalComponent()  FINEST: Called for : c2s@domain.net/10.10.10.71_5222_11.11.11.152_49955
2014-12-16 15:40:55.375 [in_5-message-router]  MessageRouter.getLocalComponent()  FINEST: No componentID matches (fast lookup against exact address): c2s@domain.net/10.10.10.71_5222_11.11.11.152_49955, for map: [ws2s@domain.net, vhost-man@domain.net, c2s@domain.net, stats@domain.net, bosh@domain.net, monitor@domain.net, amp@domain.net, s2s@domain.net, basic-conf@domain.net, sess-man@domain.net]; trying VHost lookup
2014-12-16 15:40:55.375 [in_5-message-router]  MessageRouter.processPacket()  FINEST:   1. Packet will be processed by: c2s@domain.net, from=sess-man@domain.net, to=c2s@domain.net/10.10.10.71_5222_11.11.11.152_49955, DATA=<success xmlns="urn:ietf:params:xml:ns:xmpp-sasl"/>, SIZE=51, XMLNS=urn:ietf:params:xml:ns:xmpp-sasl, PRIORITY=NORMAL, *PERMISSION=ANONYM*, TYPE=null
2014-12-16 15:40:55.375 [in_3-message-router]  MessageRouter.processPacket()  FINEST:   Processing packet: from=sess-man@domain.net, to=null, DATA=<iq to="c2s@domain.net/10.10.10.71_5222_11.11.11.152_49955" from="sess-man@domain.net" id="tig1" type="set"><command xmlns="http://jabber.org/protocol/commands" node="USER_LOGIN"><x xmlns="jabber:x:data" type="submit"><field var="user-jid"><value>d062cd1a-1306-4f68-9bc2-19d43dd751e7@domain.net</value></field></x></command></iq>, SIZE=340, XMLNS=null, PRIORITY=SYSTEM, PERMISSION=NONE, TYPE=set
2014-12-16 15:40:55.375 [in_3-message-router]  MessageRouter.getLocalComponent()

Replies (3)

Added by Wojciech Kapcia TigaseTeam about 4 years ago

Those are users authenticated as ANONYMOUS users (using SASL ANONYMOUS, in contrast to SASL PLAIN for example); you can disable such authentication either on the VHost level or globally allow only PLAIN authentication (or different kinds, whichever you prefer) with:

sess-man/plugins-conf/enabled-mechanisms=PLAIN

Added by Hamid Alimohammadi about 4 years ago

Thank you for the reply.

If I want to disable such authentication on the VHost level, may I ask which of the two options below is the proper one (or should I use both)?

--virt-hosts=domain.net:-anon:register

--vhost-anonymous-enabled = false

Thank you again for your help.

Added by Wojciech Kapcia TigaseTeam about 4 years ago

The second one will disable ANONYMOUS globally, therefore the first one is correct.
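
To check whether anonymous logins stop after the change, the handleLogin entries in tigase.log.0 can be counted per client address. This is an added example, not part of the thread and not Tigase code; the sample lines are constructed from the excerpt in the question, and reading the connection id as local-IP_local-port_remote-IP_remote-port is an assumption drawn from that excerpt.

```python
import re
from collections import Counter

# Constructed sample: line 1 and 2 are copied from the excerpt in the question,
# lines 3 and 4 are invented for contrast (a second anonymous login and a
# regular, non-anonymous login from a documentation-range address).
SAMPLE_LOG = """\
2014-12-16 15:40:55.374 [urn:ietf:params:xml:ns:xmpp-sasl Queue Worker 1]  SessionManager.handleLogin()  FINEST: handleLogin called for: d062cd1a-1306-4f68-9bc2-19d43dd751e7@domain.net, conn_id: XMPPResourceConnection=[user_jid=null, packets=1, connectioId=c2s@domain.net/10.10.10.71_5222_11.11.11.152_49955, domain=domain.net, authState=AUTHORIZED, *isAnon=true*, isTmp=false]
2014-12-16 15:40:55.374 [urn:ietf:params:xml:ns:xmpp-sasl Queue Worker 1]  SessionManager.registerNewSession()  FINEST: Created new XMPPSession for: d062cd1a-1306-4f68-9bc2-19d43dd751e7@domain.net
2014-12-16 15:41:02.101 [urn:ietf:params:xml:ns:xmpp-sasl Queue Worker 2]  SessionManager.handleLogin()  FINEST: handleLogin called for: 00000000-0000-4000-8000-000000000001@domain.net, conn_id: XMPPResourceConnection=[user_jid=null, packets=1, connectioId=c2s@domain.net/10.10.10.71_5222_11.11.11.152_49960, domain=domain.net, authState=AUTHORIZED, isAnon=true, isTmp=false]
2014-12-16 15:41:07.550 [urn:ietf:params:xml:ns:xmpp-sasl Queue Worker 1]  SessionManager.handleLogin()  FINEST: handleLogin called for: alice@domain.net, conn_id: XMPPResourceConnection=[user_jid=null, packets=1, connectioId=c2s@domain.net/10.10.10.71_5222_192.0.2.10_50112, domain=domain.net, authState=AUTHORIZED, isAnon=false, isTmp=false]
"""

# "connectioId" is spelled this way in the log output itself.
LOGIN_RE = re.compile(
    r"^(?P<ts>\S+ \S+) .*handleLogin called for: (?P<jid>[^,\s]+),"
    r".*connectioId=(?P<conn>[^,\]]+),"
    r".*isAnon=(?P<anon>true|false)"
)

def anonymous_logins(log_text):
    """Return one dict per handleLogin line whose session has isAnon=true."""
    hits = []
    for line in log_text.splitlines():
        m = LOGIN_RE.search(line)
        if not m or m.group("anon") != "true":
            continue
        # Assumed layout after the "/": localIP_localPort_remoteIP_remotePort
        parts = m.group("conn").rsplit("/", 1)[-1].split("_")
        remote = parts[2] if len(parts) == 4 else "unknown"
        hits.append({"time": m.group("ts"), "jid": m.group("jid"), "remote_ip": remote})
    return hits

def by_source(hits):
    """Count anonymous logins per remote address."""
    return Counter(h["remote_ip"] for h in hits)

if __name__ == "__main__":
    found = anonymous_logins(SAMPLE_LOG)
    for h in found:
        print(h["time"], h["remote_ip"], h["jid"])
    print(dict(by_source(found)))
```

These entries are logged at FINEST level, so the same logging level has to be active when comparing counts before and after the configuration change.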
