How to hide a group of users from others in Ejabberd or MongooseIM?

0
votes

Let's say I have 10,000 usernames in the RDBMS database which will use the XMPP chat service like Ejabberd or MongooseIM that I will put manually in the database. Now every 1000 usernames in the above 10,000 have fixed prefix in their JID usernames like:

1-1000 usernames start with aa__ (Example - aa10001, aa10002 , ...)

1001-2000 usernames start with bb__ (Example - bb10001, bb10002, ...)

2000-3000 usernames start with cc__ (Example - cc10001, cc10002, ...)

and so on ... total of 10 different prefix usernames

Now I just want that these 10 different pairs must not know others prefix usernames pairs and must not be able to send any type of stanza (like message, presence, IQ) to other pair (having a different prefix)

Possibilities:

  1. If I can use some regex in the block policy then that would be great instead of blocking the individual.

  2. I know u may suggest of using a different Virtual host for each pair. But managing so many Virtual hosts can be difficult because in the above example 10K is just a small example of a bigger picture.

Please let me know if question is not clear to you?

1
xmppejabberdprivacymongoose-im
Maybe if I can use Virtual host in some way that it is easy to manage (adding new pairs frequently) without adding a new database for each then that will be a best-ever solutionShubham1164
Can I add a virtual host dynamically in the config without stopping the server?Shubham1164
Are you limited to using Ejabberd or MongooseIM? Tigase XMPP Server (tigase.net) can handle high-loads and offers restart-less VHost management ( Add and Manage Domains (VHosts) ) that can be used with REST API and ACL (Access Control Lists in Tigase ) option LOCAL - limiting users to communication within group/VHostWojtek
Thanks, @Wojtek but we have invested enough time on these its difficult to switch nowShubham1164
Of course - just sharing information :-)Wojtek

1 Answers

1
votes

I just want that these 10 different pairs must not know others prefix usernames pairs and must not be able to send any type of stanza (like message, presence, IQ) to other pair (having a different prefix)

First of all, play with mod_filter. Looking at its example configurations, probably you can accomplish what you want using it: https://github.com/processone/ejabberd-contrib/tree/master/mod_filter

Maybe you can define ACL based in the usernames patterns ("aa*" or something like that), and this way you can have all users in a single vhost.

In case the only solution requires having a vhost for each user group, some ideas:

Now every 1000 usernames in the above 10,000 have fixed prefix in their JID usernames like:

As you mentioned, you can define a vhost in ejabberd for each user group: [email protected]... Or in order to not change existing usernames: [email protected]...

Maybe if I can use Virtual host in some way that it is easy to manage (adding new pairs frequently) without adding a new database for each then that will be a best-ever solution

Right, you can have all the vhosts in a single database, if you configure ejabberd like this and use the apropiate *.sql file when creating the database:

new_sql_schema: true

Can I add a virtual host dynamically in the config without stopping the server?

Yes, it should work (it's a recent feature). Edit ejabberd.yml as you wish, and reload it with:

$ ejabberdctl reload_config