Project

General

Profile

Tigase customized vhosts and XMPP Commands stanza

Matthew M
Added over 4 years ago

Hi Tigase Team,

We plan write a customized the vhost management, so that we can allow user to register with various email domains, and vhosts are added dynamically.

It seems not hard to customize it, basically we override the VHostManager::isLocalDomain() method, to check if the domain is "local" or not. We actually store the vhost information remotely, such as in LDAPs or other web services.

On the surface, everything works fine for us. But I got puzzled for the packet that's related to xmpp "commands". It looks like Tigase is generating a lot of ad hoc commands packets and routed them internally. For example:

<iq id="819af919" type="set" 
     to="sess-man@hostname.my-server.com" 
     from="user@some-domain.com/some-client">
   <command xmlns="http://jabber.org/protocol/commands"; node="STREAM_CLOSED_UPDATE"/>
  </iq>

Where our tigase server (single instance) is configured with a hostname of "hostname.my-server.com".

We never allow user to register any users with our server dns domains, so there will never be any user like "user@hostname.my-server.com". Instead, we allow them to register with any other email domains, such as "user@a.com", "user@b.com". And we never use any ad-hoc commands by the client, so I think all these command packets are generated by Tigase internally, is it true?

For all these commands packet, there are a lot of places in Tigase code where it is checking if this "hostname.my-server.com" is local domain or not.

The question is, for our customized vhost manager, should isLocalDomain("hostname.my-server.com") returns true or false on these "command packet"?

In other words, what kind domains should be considered as "local domains" in Tigase? Do it includes both of the user-JID-domain and the hostname of the tigase server?

We currently return all "false", as we thought this domain will never be registered by user. And Tigase seems to be running fine. But I am afraid all of these "command" packet will be ignored, which scares me. Should we make it return "true"? What's the consequence of command packets being ignored?

P.S. Is there any document about these internal Tigase command packet, such as STREAM_CLOSED_UPDATE? It seems there are a lot of traffic of these packets. I could not find any XEP related to it, and wonder what's the thoughts behind using these commands by Tigase internally.

Many thanks!


Replies (11)

Added by Wojciech Kapcia TigaseTeam over 4 years ago

Regarding the internal ad-hoc commands - I think that the API/javadoc should be quite informative on it's own: tigase.server.Command

As for isLocalDomain() - it indicates whether given VHost should be processed by local Tigase instance or not, for example imagine you have domains a.com and b.com so if there is a packet for c.com it indicates that it should be either processed by s2s or (if it's stream open from c2s) it should be discarded).

Added by Matthew M over 4 years ago

Maybe I rephrase my question as this:

  • We have user registered from a.com and @b.com@.

  • The tigase server has hostname as @"localhost"@, which means DNSResolver.getDefHostNames() returns "localhost"

  • There will be no users who can register with the doman=localhost.

If we need to configure the domains manually in init.properties file, which one is correct?

1. --virt-hosts=a.com,b.com

or

2. --virt-hosts=a.com,b.com,localhost

I would guess we have to that the 2nd one, which includes @"localhost"@, otherwise, all the tigase.server.Command packets will be ignored, as they look like sess-man@localhost. Is my assumption right?

There is another question about the code: https://projects.tigase.org/projects/tigase-server/repository/revisions/master/entry/src/main/java/tigase/server/xmppsession/SessionManager.java#L1498 ,

where the SessionManager processes the command packet:

     protected boolean processCommand(Packet pc) {
                if ((pc.getStanzaTo() == null) ||!(getComponentId().equals(pc.getStanzaTo()) ||
                                isLocalDomain(pc.getStanzaTo().toString()))) {
                        return false;
                }

where isLocalDomain(pc.getStanzaTo().toString()) looks wrong -- it is passing the FULL JID into isLocalDomain(), which always returns false. Should it be @isLocalDomain(pc.getStanzaTo().getDomain())@?

Avatar?id=6023&size=32x32

Added by Artur Hefczyc TigaseTeam over 4 years ago

Matthew M wrote:

Hi Tigase Team,

We plan write a customized the vhost management, so that we can allow user to register with various email domains, and vhosts are added dynamically.

It seems not hard to customize it, basically we override the VHostManager::isLocalDomain() method, to check if the domain is "local" or not. We actually store the vhost information remotely, such as in LDAPs or other web services.

Just keep in mind that this method is called thousands times a second, so make sure it is fast and highly optimized, no I/O, database or anything like this should be called in this method or you will have performance problems.

For all these commands packet, there are a lot of places in Tigase code where it is checking if this "hostname.my-server.com" is local domain or not.

The question is, for our customized vhost manager, should isLocalDomain("hostname.my-server.com") returns true or false on these "command packet"?

Yes, it should.

In other words, what kind domains should be considered as "local domains" in Tigase? Do it includes both of the user-JID-domain and the hostname of the tigase server?

Canonical hostname of the server.

We currently return all "false", as we thought this domain will never be registered by user. And Tigase seems to be running fine. But I am afraid all of these "command" packet will be ignored, which scares me. Should we make it return "true"? What's the consequence of command packets being ignored?

This domain - canonical hostname, is used internally by Tigase for packets routing and communication between Tigase components. If the command packets are ignored then Tigase will NOT behave correctly.

P.S. Is there any document about these internal Tigase command packet, such as STREAM_CLOSED_UPDATE? It seems there are a lot of traffic of these packets. I could not find any XEP related to it, and wonder what's the thoughts behind using these commands by Tigase internally.

Unfortunately, there is no documentation on this (and other internal) commands as these are internal Tigase stuff.

Avatar?id=6023&size=32x32

Added by Artur Hefczyc TigaseTeam over 4 years ago

Matthew M wrote:

Maybe I rephrase my question as this:

  • We have user registered from a.com and @b.com@.

  • The tigase server has hostname as @"localhost"@, which means DNSResolver.getDefHostNames() returns "localhost"

  • There will be no users who can register with the doman=localhost.

If we need to configure the domains manually in init.properties file, which one is correct?

[...]

or

[...]

I would guess we have to that the 2nd one, which includes @"localhost"@, otherwise, all the tigase.server.Command packets will be ignored, as they look like sess-man@localhost. Is my assumption right?

The first one is correct. Tigase automatically includes server canonical hostname as a local domain so you do not need to put it in the config file. Please note localhost cannot be used in a cluster mode - the Tigase cluster will not function correctly if any of the cluster nodes is configured to have localhost as canonical hostname. The localhost domain should not be used in a non-clustered mode either.

There is another question about the code: https://projects.tigase.org/projects/tigase-server/repository/revisions/master/entry/src/main/java/tigase/server/xmppsession/SessionManager.java#L1498 ,

where the SessionManager processes the command packet:

[...]

where isLocalDomain(pc.getStanzaTo().toString()) looks wrong -- it is passing the FULL JID into isLocalDomain(), which always returns false. Should it be @isLocalDomain(pc.getStanzaTo().getDomain())@?

The condition is correct. The full JID can be also a domain without a localpart and resource and this is what this code is checking, it checks if the packet is addressed to a domain only (one of local domains of the server).

Added by Matthew M over 4 years ago

Many thanks for the explanation!

  1. --virt-hosts=a.com,b.com

The first one is correct. Tigase automatically includes server canonical hostname as a local domain so you do not need to put it in the config file.

I found if I don't include canonical hostname in the option of "--virt-host", Tigase does not treat the server canonical name as local domain.

And I am looking up this code in MessageRouterConfig.java

    if (params.get(GEN_VIRT_HOSTS) != null) {

        LOCAL_ADDRESSES_PROP_VALUE = ((String) params.get(GEN_VIRT_HOSTS)).split(",");

    } else {

        LOCAL_ADDRESSES_PROP_VALUE = DNSResolver.getDefHostNames();

    }

It seems that the canonical name is only added via DNSResolver.getDefHostNames() only if "--virt-host" is not configured in init.properties?

Avatar?id=6023&size=32x32

Added by Artur Hefczyc TigaseTeam over 4 years ago

Matthew M wrote:

Many thanks for the explanation!

  1. --virt-hosts=a.com,b.com

The first one is correct. Tigase automatically includes server canonical hostname as a local domain so you do not need to put it in the config file.

I found if I don't include canonical hostname in the option of "--virt-host", Tigase does not treat the server canonical name as local domain.

Most likely you have your canonical domain name set incorrectly and Tigase does not detect it. How do you know, by the way, that Tigase does not treat the domain as a local domain?

Added by Matthew M over 4 years ago

I printed a log in VHostManager.java isLocalDomain(), whenever a domain is NOT a local, then I found all the XMPP command packet are treated as non local domain.

The command packets have the "to" domain as the tigase server name, which is the same of the output of Linux command "hostname --fqdn". We did not add this hostname to "--virt-hosts" in init.properties, and the log indicates that isLocalDomain() returns false on all these packets.

Avatar?id=6023&size=32x32

Added by Artur Hefczyc TigaseTeam over 4 years ago

Hm, you are actually right. I am sorry for confusion. I did not touch the part of the code for quite some time. The hostname does not have to be recognized as a localdomain by VHostManager.

Added by Matthew M over 4 years ago

So if its not recognized as a localdomain, which means isLocalDomain() returns false, and all of these XMPP commands packets will be ignored and dropped? I suppose tigase will not work properly in this case, otherwise, why does tigase generate these commands packets such as STREAM_CLOSED_UPDATE and send to itself ?

Added by Wojciech Kapcia TigaseTeam over 4 years ago

Tigase is highly modular and those packets serve as a means of inter-component communication (for example from session manager component to connection manager component)

Avatar?id=6023&size=32x32

Added by Artur Hefczyc TigaseTeam over 4 years ago

Matthew M wrote:

So if its not recognized as a localdomain, which means isLocalDomain() returns false, and all of these XMPP commands packets will be ignored and dropped? I suppose tigase will not work properly in this case, otherwise, why does tigase generate these commands packets such as STREAM_CLOSED_UPDATE and send to itself ?

Each Tigase component is more or less independent XMPP entity which can be deployed as an external component. Components communicate with each other using internal commands. Tigase has a few different ways to route packets internal and externally, so it does not always have to be a "localDomain" for some types of packets.

    (1-11/11)