Agregador de noticias

Ignite Realtime Blog: Discontinue Igniterealtime subversion server, migration to Github

Planet Jabber - 17 December, 2014 - 16:00

Greetings all.  Baring any significant community protest, the subversion server for Igniterealtime will be shutdown on 1 January 2015.  All of the active and still relevant repositories have been migrated (with commit histories hopefully in-tact) to our Github presence.

 

The following Ignite subversion repositories were not migrated due to them likely no longer being relevant

  • kraken
  • transports
  • wildfire

 

Some of the migrated repositories to Github have not seen development in a number of years.  We are certainly interested to hear of any community members that may wish to revitalize any of these projects:

 

When the subversion service is shutdown, a copy of the repos will be maintained offline in case anything comes up in the future necessitating its revival.   Github has been an awesome platform to collaborate on for our active projects that migrated a number of months ago.  Hopefully this change helps breathe some life into the older Igniterealtime projects!

ejabberd: ejabberd 14.12

Planet Jabber News - 17 December, 2014 - 14:36

We're pleased to announce the last release of ejabberd for 2014! Thanks to contributors, this release includes great improvements and opens road to 2015.

ejabberd Community 14.12 includes many bugfixes, and a few new features:

  • New module mod_client_state implements XEP-0352: Client State Indication
  • New module mod_fail2ban to ban IPs that show malicious signs
  • New option store_empty_body in mod_offline

read more

ProcessOne: ejabberd Community 14.12

Planet Jabber - 17 December, 2014 - 13:47

We’re pleased to announce the last release of ejabberd for 2014 !
Thanks to contributors, this release includes great improvements and opens road to 2015.

ejabberd Community 14.12 includes many bugfixes, and a few new features:
– New module mod_client_state implements XEP-0352: Client State Indication
– New module mod_fail2ban to ban IPs that show malicious signs
– New option store_empty_body in mod_offline
– New option disable_sasl_mechanisms
– Improve option resend_on_timeout to support if_offline

Improvements mainly cover:
– More robust offline server
– Better charset support in XMLRPC
– Some PEP issues fixed

As usual, the release is tagged in the Git source code repository on github

The source package and binary installers are available at ProcessOne

If you suspect you found a bug, search or fill a bug report in Jira

Peter Saint-Andre: Progressive Similarity

Planet Jabber - 14 December, 2014 - 00:00
Lately I've been listening a lot to the music of the a cappella group Pentatonix. On the surface, their music is stylistically not the kind of thing I typically like - I very much prefer Bach, Ellington, and Yes to recent pop.

Swift Blog: Swift and Isode

Planet Jabber - 11 December, 2014 - 00:00

Having been working on this behind the scenes for a while, we’ve got some good news. After years of quietly supporting Swift, Isode are now taking Swift formally into their product set. This means more developers working on Swift and the opportunity for more rapid development and advancement of the projects. In practical terms, we think the only obvious change externally is likely to be an increase in activity in the commit logs and improvements to the software, both of which have been becoming increasingly obvious in recent months as Isode’s been increasing support.

Some details about which you may care:

  • Isode’s a long-term producer of messaging and directory servers, including the M-Link XMPP server, has been the provider of commercial licenses for Swiften, was responsible for the port of Swiften to Java in the form of Stroke and is where Kev works for his day-job.
  • Kev’s going to manage the Swift projects within Isode.
  • Swift, Stroke et al. will be remaining open source, with commercial licensing and support available.
  • The project will continue to run in much the same way, with public code review systems etc.
  • We’ll still be accepting community-supplied patches
  • We’ll still be encouraging testing and feedback by the community
  • We think this is going to be an opportunity to make Swift better

We hope you’ll join us in our excitement for Swift’s future.

Peter Saint-Andre: My Intellectual History, Part III

Planet Jabber - 6 December, 2014 - 00:00
It seems that every once in a while on December 6th, I write a journal entry about the intellectual path I'm travelling in this all-too-short life. The previous installments in this series were written on December 6th, 1989 and December 6th, 1999. It's been fifteen years since the last post, so there's a lot of ground to cover! Like 1500 blog posts, 4 books, a bunch of meaningful friendships, and a big phase of my career. (And no, there isn't any particular significance to December 6th, it just happens to have worked out that way.)

ProcessOne: [FR] Conférence SeaBeyond 2014: Le programme de la Sandbox

Planet Jabber - 25 November, 2014 - 20:55

Nous avons publié une courte vidéo décrivant les thèmes que nous allons aborder dans la Sandbox de SeaBeyond, le 4 décembre 2014 à Paris.

Au programme:
– XMPP, ejabberd SaaS et temps réel web (Websockets, …).
– Développement iOS: Push, Widgets, Beacons.
– Watches: Android Wear et Apple Watch.

Voici la vidéo pour plus de détails:

Les détails et le lien pour l’inscription sont sur la page de SeaBeyond

Prosodical Thoughts: Prosody 0.9.7 released

Planet Jabber - 24 November, 2014 - 14:50

We are pleased to announce a new minor release from our stable branch. This release has just a couple of changes for you:

  • Fix server-to-server interoperability issue with Isode M-Link (since 0.9.6)
  • Fix traceback in 'prosodyctl about' command with LuaRocks 2.2.0+ installed

Also, this is our first release with an official Docker image. More on that soon!

Download

As usual, download instructions for many platforms can be found on our download page

If you have any questions, comments or other issues with this release, let us know!

ProcessOne: [FR] La conférence SeaBeyond: Qu’est-ce que c’est ?

Planet Jabber - 17 November, 2014 - 08:31

Voici une brève introduction qui explique la génèse et l’esprit de SeaBeyond:

Pour s’inscrire et consulter le programme de SeaBeyond, c’est ici: SeaBeyond

Tigase Blog: Tigase XMPP Server 5.2.3 release

Planet Jabber - 14 November, 2014 - 16:34

A maintenance version Tigase XMPP Server 5.2.3 has been released and it's available for download. As always - binaries are available for download in the files section on the project tracking system.

Fanout Blog: Building a realtime API in Django

Planet Jabber - 14 November, 2014 - 09:26
Django is an awesome framework for building web services using the Python language. However, it is not well-suited for handling long-lived connections, which are needed for realtime data push. In this article we'll explain how to pair Django with Fanout to reach realtime nirvana.

...

Alexander Gnauck: Secure Gmail Authentication with X-OAUTH2 SASL

Planet Jabber - 12 November, 2014 - 13:36

In July 2014 Google has introduced the “More Secure Gmail Authentication feature”.
When Access for less secure apps is set to disabled then Google does not allow login over SASL PLAIN anymore (even on TLS).

During authentication Google replies with the not-authorized error. And they will notify you by email that access to an insecure application was denied.

CLIENT: <auth mechanism="PLAIN" xmlns="urn:ietf:params:xml:ns:xmpp-sasl">AUTH DATA</auth> SERVER: <failure xmlns="urn:ietf:params:xml:ns:xmpp-sasl"> <not-authorized /> </failure>

When access for less secure apps is disabled you have to login with the X-OAUTH2 SASL mechanism the Gmail XMPP server offers. Here is a small tutorial how to achieve this with MatriX.

1) API Project

In order to access the Google API you have to setup a project in the Google API Console which provides you the Access credentials. Once you have created your API project you can request your credentials which include the Client Id and Client Secret. During the creation process of the app project we selected “native application”.

2) Request an Access Token

To authenticate with OAuth 2.0 we need to get our Access Token. The OAuth 2.0 is documented at the Google pages under the following 2 links:

There are also several .NET libraries available, e.g DotNetOpenAuth or Google APIs Client Library.

We are not going to use a third party library for now, because this help us also to understand the whole XAuth authentication flow.

We create a new form and put a Webbrowser control on it. When the form loads we have ro navigate to a Url which includes;

  • Client Id of our API project
  • A redirect Uri, we use this urn:ietf:wg:oauth:2.0:oob
  • scopes:
    • https://www.googleapis.com/auth/googletalk
      (required for XMPP authentication)
    • https://www.googleapis.com/auth/userinfo.email
      (optional, we can use this t get the username/email address of the user)

When our form with the webbrowser loads we navigate to this Url with teh following code:

const string CLIENT_SECRET = "XXXXXXXYYYYYYYYYYYYZZZZZZZZZ"; const string CLIENT_ID = "yyyyyyyyyyyyy-xxxxxxxxxxxxxxxxx.apps.googleusercontent.com"; private static Uri GetAutenticationUri() { var postData = new List<string> { "client_id=" + CLIENT_ID, "redirect_uri=urn:ietf:wg:oauth:2.0:oob", "scope=https://www.googleapis.com/auth/googletalk https://www.googleapis.com/auth/userinfo.email", "response_type=code" }; return new Uri("https://accounts.google.com/o/oauth2/auth" + "?" + string.Join("&", postData.ToArray())); } private void Form_Load(object sender, EventArgs e) { // navigate to the Uri when the form loads webBrowser1.Url = GetAutenticationUri(); }

When you run the code you should see the following:

3) Authentication

When the user now clicks on “Accept” in the authentication dialog the page in the browser reloads. The new page contains an Authentication code in the title tag. The authentication code is also in the body of the result page. We have seen cases where the code in the title tag was cut off. So it could be more secure to parse it from the body.

private void webBrowser1_DocumentCompleted(object sender, WebBrowserDocumentCompletedEventArgs e) { string docTitle = ((WebBrowser) sender).DocumentTitle.ToLower(); // when there is "success code=" in the title its the page we are looking for. if (docTitle.IndexOf("success code=") > -1) { webBrowser1.Visible = false; // Hide the webbrowser // we can find the auth code in the title tag of the html page string authCode = webBrowser1.DocumentTitle.Replace("Success code=", ""); ProcessAuthorizationCode(authCode); } else if (docTitle.IndexOf("denied error=") > -1) { // user denied the app dialog, handle this here. } } 4) Exchanging the Authentication Code

Now we have the Authentication code, and can use it to request the access token and refresh token over a simple HTTP Post. The result is in JSON, we use Newtonsoft.Json to process it.

public void ProcessAuthorizationCode(string authCode) { var postData = new List<string> { "code=" + authCode, "client_id=" + CLIENT_ID, "client_secret=" + CLIENT_SECRET, "redirect_uri=urn:ietf:wg:oauth:2.0:oob", "grant_type=authorization_code" }; //Posting the Data to Google string responseString = Post("https://accounts.google.com/o/oauth2/token", postData); //Processing the JSON Response JObject jObject = JObject.Parse(responseString); JToken refreshToken = jObject.SelectToken("refresh_token"); // Checking for errors. if (refreshToken == null) { //this._ErrorMessage = response; } else { RefreshToken = refreshToken.ToString(); AccessToken = jObject.SelectToken("access_token").ToString(); // close the browser Windows, we are done Close(); } } public static string Post(string url, List<string> postData) { var request = WebRequest.Create(url); // Preparing the post data var toPost = string.Join("&", postData.ToArray()); byte[] byteArray = Encoding.UTF8.GetBytes(toPost); request.Method = "POST"; request.ContentType = "application/x-www-form-urlencoded"; request.ContentLength = byteArray.Length; var dataStream = request.GetRequestStream(); dataStream.Write(byteArray, 0, byteArray.Length); dataStream.Close(); try { // read the response var response = request.GetResponse(); dataStream = response.GetResponseStream(); var reader = new StreamReader(dataStream); string responseString = reader.ReadToEnd(); reader.Close(); dataStream.Close(); response.Close(); return responseString; } catch (Exception) { return null; } } 5) Getting the username (optional)

The username for XMPP authentication for XOAUTH2 SASL is the users email address. You can either ask the user to enter it in your software. Or you can use your access token to request more user details. This is why we have added the scope https://www.googleapis.com/auth/userinfo.email. This allows us to get the username with a post to the following url:
https://www.googleapis.com/oauth2/v1/userinfo?access_token={your_access_token}

This request returns JSON payload where you could fine the users email address.

6) Authenticate with MartiX

Now we have everything to perform the XOAUTH2 authentication with MatriX. We need to subscribe to the OnBeforeSasl event to manual select the SASL mechanism and pass our access token.

private void xmppClient_OnBeforeSasl(object sender, Matrix.Xmpp.Sasl.SaslEventArgs e) { // make sure we use the correct username for authentication xmppClient.Username = "user12345@gmail.com"; // disable automatic SASL algrithm selection in MatriX e.Auto = false; // manual specify the X_OAUTH2 SASL mechanism e.SaslMechanism = Matrix.Xmpp.Sasl.SaslMechanism.X_OAUTH2; //pass the Access token to MatriX e.SaslProperties = new OAuthProperties() { AccessToken = "AccessToken" }; }

Tigase Blog: How we use git and git-flow to handle all Tigase projects

Planet Jabber - 12 November, 2014 - 10:24
Over time Tigase grew from a single server project to a family of applications, tools and libraries related to XMPP.

ProcessOne: Seabeyond: ProcessOne Realtime conference Programme

Planet Jabber - 5 November, 2014 - 16:34

SeaBeyond is ProcessOne tech conference on real time and messaging technologies. The third edition will happen in Paris on the 2014, December 4th.

The “sandbox” is an open discussion and hacking period happening during the day. We propose to cover the following topics:

  • Developing for ejabberd XMPP SaaS
  • Notification and alert broadcast with Boxcar Developer Service
  • Beacons and real time services

As a developer, you are very welcome to send us other ideas.

The “conference” part will cover the following topics:

  • Mila: Using ejabberd and XMPP as a customer to customer messaging tool (Michael Weibel)
  • VeryLastRoom: How realtime and alerts enhance the same day hotel booking experience (Sébastien Houzé)
  • BBC Use Case: News and Sport push notifications and analytics on a huge scale
  • ProcessOne Roadmap: New Product and service launch. Learn about what ProcessOne has been brewing (Mickaël Rémond)

Space is limited, so registration is mandatory to attend. You can register by filling this form: SeaBeyond registration

In the meantime, you can watch video summary from previous edition:

Fanout Blog: Do you have a contingency plan?

Planet Jabber - 24 October, 2014 - 20:07
Do you have a microservice contingency plan? How many APIs does your company consume? How many microservices do you depend on? This brave new world of public APIs and microservices is great, but what happens when it’s not? What happens when a service raises their prices, changes their metering, dies (bankruptcy, acquisition, sunset), pivots, experiences […]

Prosodical Thoughts: Prosody 0.9.6 released

Planet Jabber - 15 October, 2014 - 15:09

Another minor release for you all. The most important change here is to disable SSLv3 by default, now it has been shown to be insecure when used by clients. This means that clients that support only SSLv3 will no longer be able to connect by default (which is why we had not been planning to make this change in a minor release).

A summary of changes in this release:

  • certmanager, net.http: Disable SSLv3 by default
  • net.http.parser: Support status code 101 and allow handling of the received data by plugins
  • util.filters: Ignore filters being added twice (fixes issues on removal, i.e. when some plugins are reloaded/unloaded)
  • mod_s2s: Close offending s2s streams missing an 'id' attribute with a stream error instead of throwing an unhandled error
  • Networking API: Add 'ondetach' callback for listener objects, to prevent leaks when connections have their listener changed
  • core.stanza_router: Stricter validation of stanzas
  • mod_admin_adhoc: Mark 'accountjids' field as required in 'end user sessions' command (thanks Lloyd)
  • mod_admin_adhoc: Add required to field in user deletion form too
  • net.dns: Avoid duplicate cache entries
  • util.stanza: Escape newlines and tabs (\r\n\t) when serializing stanzas.
  • util/dataforms: Make sure we iterate over field tags only
  • mod_s2s: Capitalize log message
  • mod_pubsub: Fix error type of 'forbidden' (change from 'cancel' to 'auth')
Download

Download instructions for many platforms can be found on our download page

If you have any questions, comments or other issues with this release, let us know!

ProcessOne: ejabberd Community 14.07

Planet Jabber - 12 October, 2014 - 10:57

Two months after the previous huge release, we are keeping the pace with a new feature packed version. We added major improvements regarding to SIP support, Carbon copy, stream management and added Riak as a new supported database.

ejabberd Community 14.07 includes several improvements and many bugfixes over the previous 14.05 release:

SIP

  • SIP Outbound (RFC 5626) support
  • New option always_record_route
  • New options record_route and routes

Carbon Copy (XEP-0280)

  • Don’t log MUC messages with hint
  • Don’t carbon copy messages with hint
  • Let is_carbon_copy/1 recognize carbons
  • Don’t send XEP-0280 v1 copies back to sender

Stream Management (XEP-0198)

  • XEP-0198: Terminate session if stanza queue becomes too large
  • XEP-0198: Don’t exit on socket send failure
  • XEP-0198: Don’t drop session on failed resume
  • XEP-0198: Check whether routed packets are stanzas

Riak

  • Riak support

Install and config

  • New options log_rotate_count, log_rotate_size and log_rate_limit
  • html guide is now generated when building source tarball
  • Use p1_utils, and move treap.erl to p1_utils
  • Get rid of p1_mnesia file
  • old release notes are not installed anymore
  • Don’t “forget” listener options
  • Always enable STUN at compile time
  • Do not check for Erlang apps at configure time
  • Add –enable-riak configure flag

Tests

  • Add tests for stream management
  • Add tests for mod_carboncopy
  • Add tests for mod_caps
  • Improve MUC test cases
  • Travis CI: Enable Riak tests
  • Add Riak backend to the testing suit
  • The test suite no longer fails without –enable-transient_supervisors.

MUC

  • MUC messages with ~ were not logged (EJAB-1696).

And many bugfixes all over the source code.

This release requires at least Erlang/OTP R15, and works perfectly with R16B03, and will work with R17 if Riak support is disabled (–disable-riak).

When building from Git, “make install” now fails if you do not run “make doc” before due to doc/guide.html no longer being in the repo. If you don’t have necessary tools to build the guide, just pick the one from ejabberd sources tarball.

As usual, the release is tagged in the Git source code repository on github

The source package and binary installers are available at ProcessOne

If you suspect you found a bug, search or fill a bug report in Jira

ProcessOne: Sea Beyond 2014: ProcessOne Tech Event for Mobile Realtime

Planet Jabber - 12 October, 2014 - 10:55

I am very pleased to announce date and venue for our third iteration of our tech event on mobile and realtime.

Sea Beyond event will happen on the 4th of december 2014. This year focus is “Real-time Technologies for Push and Chat on Mobile”.

As during previous edition, we have split the schedule in two distinct parts.

  • The Sandbox: a programme for developers to encourage innovation and the production of new software features
  • The Lighthouse: an interactive conference for users that illuminates the latest trends in real time communication

 

People loved that approach during the previous editions, as the event is thus open to all kind of skills and is focused on makers.

The programme is still to be defined, but you can expect to play, experiment and learn about exciting and innovative use cases around mobile, chat and push services.

We still have a few more weeks to put the final touch on the programme and prepare to surprise you. Stay tuned !

Read more on the official Sea Beyond page: SeaBeyond 2014

 

It the meantime, you can watch last edition summary video:

Tigase Blog: Web interface to Tigase server

Planet Jabber - 10 October, 2014 - 00:45

Finally, much requested element, that is web interface for the Tigase XMPP Server. We are hard at work to offer web based management for the Tigase XMPP Server, whole installation process from your web browser, monitoring, startup report. Most importantly, all the management and monitoring will work for the whole cluster not just a single server.
Initial code ready to experiment check and test is already available. If you are interested in taking a look at it, check codes in devel branch. If you have any suggestions or ideas, please do not hesitate to contact us.

Isode: Isode at the HFIA #1: Proposed Extensions to STANAG 5066

Planet Jabber - 9 October, 2014 - 17:45

The High Frequency Industry Association (HFIA) provides an “industry driven forum for the interactive exchange of technical and information in the area of High Frequency Communications.” Physical meetings of the group usually take place twice a year and in September 2014 Portsmouth was the location for the latest of these meetings. This is the first of two blog posts covering our attendance at this meeting.

As Isode has an interest in applications for constrained bandwidth communications, we often attend and occasionally present at these meetings. This year we had two presentations to share with the attendees.

Steve Kille at the HFIA

Isode CEO, Steve Kille, gave a talk focusing on Isode’s proposed extensions to STANAG 5066 to improve performance of applications running over wideband HF links. The first was an update to a talk Isode gave at the February HFIA meeting, this time including hard measurements showing that Isode’s extensions (known as LFSN, Long Frame Sequence Number) result in significant performance gains.

This was followed by a live demonstration of the extensions in action, enabling co-existence of bulk and time critical applications over narrow-band and wide-band HF. The applications used were Multi-User Chat and Real-Time Military Forms (both using the XMPP protocol) and military email messaging.

PDF copies of the slide sets used during both phases of this talk can be found by following the links below:

  1. Update to and Measurement of the proposed STANAG 5066 extensions to improve ARQ performance
  2. Demonstration of ‘bulk’ and ‘time critical’ applications co-existing over HF and WBHF and using the proposed new STANAG 5066 extensions
Distribuir contenido