ejabberd: AccessRules: 账户无权执行该操作
ejabberd: AccessRules: Account does not have the right to perform the operation
我正在尝试关注 API Permissions | ejabberd Docs and Configuring ejabberd | ejabberd Docs。
还在尝试注册用户时:
# curl -sk -d '{"user":"test", "password":"testing", "host":"localhost"}' -H 'Content-Type: application/json' https://localhost:5443/api/register
我在 ejabberd.log 中获得关注:
# tail -2 ./home/ejabberd/logs/ejabberd.log
2019-10-04 21:41:47.079 [info] <0.663.0>@mod_http_api:log:509 API call register [{<<"user">>,<<"test">>},{<<"password">>,<<"testing">>},{<<"host">>,<<"localhost">>}] from ::ffff:172.19.0.1:53740
2019-10-04 21:41:47.079 [info] <0.521.0>@ejabberd_listener:accept:256 (<0.663.0>) Accepted connection [::ffff:172.19.0.1]:53740 -> [::ffff:172.19.0.6]:5443
#
ejabberd.yml' acl&api_permissions 块:
acl:
local:
user_regexp: ""
loopback:
ip:
- 127.0.0.0/8
- ::1/128
- ::FFFF:127.0.0.1/128
admin:
user:
- "admin@localhost"
ip:
- ::/0
- ::FFFF:10.0.0.0/8
- ::FFFF:172.16.0.0/12
- ::FFFF:172.19.0.0/12
- ::FFFF:192.168.0.0/16
&
api_permissions:
"console commands":
from:
- ejabberd_ctl
who: all
what: "*"
"admin access":
who:
access:
allow:
acl: loopback
acl: admin
ip:
- ::/0
- ::FFFF:10.0.0.0/8
- ::FFFF:172.16.0.0/12
- ::FFFF:172.19.0.0/12
- ::FFFF:192.168.0.0/16
oauth:
scope: "ejabberd:admin"
access:
allow:
acl: loopback
acl: admin
what:
- "*"
- "!stop"
- "!start"
"public commands":
who:
ip: 127.0.0.1/8
what:
- status
- connected_users_number
请指教
使用这个最小配置:
listen:
-
port: 5443
ip: "::"
module: ejabberd_http
tls: true
request_handlers:
"/api": mod_http_api
acl:
admin:
ip:
- "127.0.0.1"
api_permissions:
"admin commands":
who: admin
what:
- register
如果我在机器 127.0.0.1 上执行它,它会起作用:
$ curl -sk -d '{"user":"test", "password":"testing", "host":"localhost"}' -H 'Content-Type: application/json' https://localhost:5443/api/register
"User test@localhost successfully registered"
我将我的 ip/范围添加到 admin AND loopback 块:
acl:
local:
user_regexp: ""
loopback:
ip:
- 127.0.0.0/8
- ::1/128
- ::FFFF:127.0.0.1/128
- ::FFFF:172.19.0.0/16
admin:
user:
- "admin@localhost"
ip:
- ::FFFF:172.19.0.0/16
错误消失了)
我正在尝试关注 API Permissions | ejabberd Docs and Configuring ejabberd | ejabberd Docs。
还在尝试注册用户时:
# curl -sk -d '{"user":"test", "password":"testing", "host":"localhost"}' -H 'Content-Type: application/json' https://localhost:5443/api/register
我在 ejabberd.log 中获得关注:
# tail -2 ./home/ejabberd/logs/ejabberd.log
2019-10-04 21:41:47.079 [info] <0.663.0>@mod_http_api:log:509 API call register [{<<"user">>,<<"test">>},{<<"password">>,<<"testing">>},{<<"host">>,<<"localhost">>}] from ::ffff:172.19.0.1:53740
2019-10-04 21:41:47.079 [info] <0.521.0>@ejabberd_listener:accept:256 (<0.663.0>) Accepted connection [::ffff:172.19.0.1]:53740 -> [::ffff:172.19.0.6]:5443
#
ejabberd.yml' acl&api_permissions 块:
acl:
local:
user_regexp: ""
loopback:
ip:
- 127.0.0.0/8
- ::1/128
- ::FFFF:127.0.0.1/128
admin:
user:
- "admin@localhost"
ip:
- ::/0
- ::FFFF:10.0.0.0/8
- ::FFFF:172.16.0.0/12
- ::FFFF:172.19.0.0/12
- ::FFFF:192.168.0.0/16
&
api_permissions:
"console commands":
from:
- ejabberd_ctl
who: all
what: "*"
"admin access":
who:
access:
allow:
acl: loopback
acl: admin
ip:
- ::/0
- ::FFFF:10.0.0.0/8
- ::FFFF:172.16.0.0/12
- ::FFFF:172.19.0.0/12
- ::FFFF:192.168.0.0/16
oauth:
scope: "ejabberd:admin"
access:
allow:
acl: loopback
acl: admin
what:
- "*"
- "!stop"
- "!start"
"public commands":
who:
ip: 127.0.0.1/8
what:
- status
- connected_users_number
请指教
使用这个最小配置:
listen:
-
port: 5443
ip: "::"
module: ejabberd_http
tls: true
request_handlers:
"/api": mod_http_api
acl:
admin:
ip:
- "127.0.0.1"
api_permissions:
"admin commands":
who: admin
what:
- register
如果我在机器 127.0.0.1 上执行它,它会起作用:
$ curl -sk -d '{"user":"test", "password":"testing", "host":"localhost"}' -H 'Content-Type: application/json' https://localhost:5443/api/register
"User test@localhost successfully registered"
我将我的 ip/范围添加到 admin AND loopback 块:
acl:
local:
user_regexp: ""
loopback:
ip:
- 127.0.0.0/8
- ::1/128
- ::FFFF:127.0.0.1/128
- ::FFFF:172.19.0.0/16
admin:
user:
- "admin@localhost"
ip:
- ::FFFF:172.19.0.0/16
错误消失了)