ejabberd - Comments for "allowing pubsub node suscription whatever jid " https://www.ejabberd.im/node/24774 en hi cvoluter, did you managed https://www.ejabberd.im/node/24774#comment-66819 <p>hi cvoluter,</p> <p>did you managed to add a user as "trusted proxies" ?<br /> what was your solution for that?</p> <p>Thanks,</p> Mon, 07 Mar 2016 11:29:49 +0000 iharush comment 66819 at https://www.ejabberd.im No, this feature is not https://www.ejabberd.im/node/24774#comment-65276 <p>No, this feature is not supported. As I mentioned is it generally not a good approach to grant right to privileged users. It means that you have a way to seriously compromise your service if the password for that user is compromised.</p> <p>If you still want to go that way, I think you will need to change the Pubsub code is a custom way.</p> Fri, 27 Feb 2015 13:34:00 +0000 mremond comment 65276 at https://www.ejabberd.im Hello , In section 6.1.3.1 https://www.ejabberd.im/node/24774#comment-65275 <p>Hello ,</p> <p>In section 6.1.3.1 JIDs Do Not Match, you have a note that explain this : </p> <p>Note: An implementation MAY enable the service administrator to configure a list of entities that are excluded from this check; those entities may be considered "trusted proxies" that are allowed to subscribe on behalf of other entities. In the same way, implementations MAY enable blacklisting of entities that are not allowed to perform specific operations (such as subscribing or creating nodes).</p> <p>Ejabberd can be set user as "trusted proxies" ?</p> <p>thanks,</p> Fri, 27 Feb 2015 11:45:07 +0000 cvoluter comment 65275 at https://www.ejabberd.im Hello, The behaviour you https://www.ejabberd.im/node/24774#comment-65265 <p>Hello,</p> <p>The behaviour you describe would not be conforme to the PubSub specification as described in <noindex><a href="http://www.xmpp.org/extensions/xep-0060.html" rel="nofollow" >XEP-0060: Publish-Subscribe</a></noindex>.</p> <p>More specifically, <noindex><a href="http://www.xmpp.org/extensions/xep-0060.html#subscriber-subscribe-error-nomatch" rel="nofollow" >section 6.1.3.1 JIDs Do Not Match</a></noindex> is self explanatory:</p> <blockquote><p> 6.1.3.1 JIDs Do Not Match</p> <p>If the specified JID is a bare JID or full JID, the service MUST at a minimum check the bare JID portion against the bare JID portion of the 'from' attribute on the received IQ request to make sure that the requesting entity has the same identity as the JID which is being requested to be added to the subscriber list.</p> <p>If the bare JID portions of the JIDs do not match as described above and the requesting entity does not have some kind of admin or proxy privilege as defined by the implementation, the service MUST return a error, which SHOULD also include a pubsub-specific error condition of &lt;invalid-jid/&gt;. </p></blockquote> <p>To have a non-custom PubSub behaviour, you probably need to write your own ejabberd PubSub plugin. However, it really depend what you want to do. Relying on admin status of ejabberd to do privileged operations may be a security risk. I would rather write a custom ejabberd module to handle back-end to back-end operation for admin tasks.</p> Thu, 26 Feb 2015 14:25:54 +0000 mremond comment 65265 at https://www.ejabberd.im