无法连接到 Ejabberd:用户未获得授权
Cannot connect to Ejabberd: user is not authorized
我想使用以下简单的 python 代码连接到我的本地 ejabberd:
from twisted.internet import reactor, protocol
from twisted.words.protocols.jabber import client, jid, xmlstream
from twisted.words.protocols.jabber.client import BasicAuthenticator
import logging
def authd(xmlstreamobj):
logging.error("authenticated")
return
def authFailed(xmlstream):
logging.error("Failed")
return
def authInvalid(xmlstream):
logging.error("Invalid")
return
def authError(xmlstream):
logging.error("Error")
print(xmlstream)
return
myJid = jid.JID("boss@localhost")
password = "boss"
myJid.resource = "onlyone"
factory = client.basicClientFactory(myJid, password)
factory.addBootstrap('//event/stream/authd' , authd)
factory.addBootstrap("//event/client/basicauth/invaliduser", authInvalid)
factory.addBootstrap("//event/client/basicauth/authfailed", authFailed)
factory.addBootstrap("//event/stream/error", authError)
reactor.connectTCP("localhost", 5222, factory)
reactor.run()
在ejabberd中注册的用户(使用ejabberdctl registered_users localhost
命令)是:admin、boss、manager0
但是,我收到以下错误消息:
[Failure instance: Traceback (failure with no frames): <class 'twisted.words.protocols.jabber.error.StreamError'>: StreamError with condition u'not-authorized']
ejabberd 日志是:
--------------------------------------------------------------------
IMPORTANT: ejabberd is going to start in LIVE (interactive) mode.
All log messages will be shown in the command shell.
You can interact with the ejabberd node if you know how to use it.
Please be extremely cautious with your actions,
and exit immediately if you are not completely sure.
To exit this LIVE mode and stop ejabberd, press:
q(). and press the Enter key
--------------------------------------------------------------------
To bypass permanently this warning, add to ejabberdctl.cfg the line:
EJABBERD_BYPASS_WARNINGS=true
Press return to continue
Erlang/OTP 22 [erts-10.7.2.12] [source] [64-bit] [smp:8:8] [ds:8:8:10] [async-threads:1] [hipe] [dtrace]
Eshell V10.7.2.12 (abort with ^G)
(ejabberd@localhost)1> 2021-07-13 16:52:40.341565-06:00 [info] Loading configuration from /usr/local/etc/ejabberd/ejabberd.yml
2021-07-13 16:52:40.684051-06:00 [info] Configuration loaded successfully
2021-07-13 16:52:40.888879-06:00 [info] Got no NOTIFY_SOCKET, notifications disabled
2021-07-13 16:52:41.113546-06:00 [info] Loading modules for localhost
2021-07-13 16:52:41.132174-06:00 [warning] Mnesia backend for mod_mam is not recommended: it's limited to 2GB and often gets corrupted when reaching this limit. SQL backend is recommended. Namely, for small servers SQLite is a preferred choice because it's very easy to configure.
2021-07-13 16:52:41.199005-06:00 [info] Won't auto-announce STUN/TURN service on port 3478 (udp) without public IP address, please specify 'turn_ipv4_address' and optionally 'turn_ipv6_address'
2021-07-13 16:52:41.332173-06:00 [info] Building MQTT cache for localhost, this may take a while
2021-07-13 16:52:41.444623-06:00 [info] Waiting for Mnesia synchronization to complete
2021-07-13 16:52:41.558657-06:00 [warning] No certificate found matching localhost
2021-07-13 16:52:41.558915-06:00 [warning] No certificate found matching conference.localhost
2021-07-13 16:52:41.559022-06:00 [warning] No certificate found matching upload.localhost
2021-07-13 16:52:41.559118-06:00 [warning] No certificate found matching proxy.localhost
2021-07-13 16:52:41.559233-06:00 [warning] No certificate found matching pubsub.localhost
2021-07-13 16:52:41.559334-06:00 [info] ejabberd 21.04 is started in the node ejabberd@localhost in 1.31s
2021-07-13 16:52:41.559679-06:00 [info] Start accepting UDP connections at [::]:3478 for ejabberd_stun
2021-07-13 16:52:41.559856-06:00 [info] Start accepting TCP connections at [::]:5280 for ejabberd_http
2021-07-13 16:52:41.559871-06:00 [info] Start accepting TCP connections at [::]:5222 for ejabberd_c2s
2021-07-13 16:52:41.559890-06:00 [info] Start accepting TCP connections at 127.0.0.1:7777 for mod_proxy65_stream
2021-07-13 16:52:41.560041-06:00 [info] Start accepting TLS connections at [::]:5223 for ejabberd_c2s
2021-07-13 16:52:41.560077-06:00 [info] Start accepting TCP connections at [::]:5269 for ejabberd_s2s_in
2021-07-13 16:52:41.560131-06:00 [info] Start accepting TCP connections at [::]:1883 for mod_mqtt
2021-07-13 16:52:41.560177-06:00 [info] Start accepting TLS connections at [::]:5443 for ejabberd_http
2021-07-13 16:52:41.625170-06:00 [warning] Option 'turn_ipv4_address' is undefined and the server's hostname doesn't resolve to a public IPv4 address, most likely the TURN relay won't be working properly
2021-07-13 16:52:58.767985-06:00 [info] (<0.552.0>) Accepted connection [::ffff:127.0.0.1]:54660 -> [::ffff:127.0.0.1]:5222
2021-07-13 16:53:01.623768-06:00 [info] (<0.553.0>) Accepted connection [::ffff:127.0.0.1]:54661 -> [::ffff:127.0.0.1]:5222
2021-07-13 16:54:39.351423-06:00 [info] (<0.555.0>) Accepted connection [::ffff:127.0.0.1]:54668 -> [::ffff:127.0.0.1]:5222
2021-07-13 16:54:42.367668-06:00 [info] (<0.558.0>) Accepted connection [::ffff:127.0.0.1]:54671 -> [::ffff:127.0.0.1]:5222
ejabberd 的 yml 文件是:
hosts:
- localhost
loglevel: 4
## If you already have certificates, list them here
# certfiles:
# - /etc/letsencrypt/live/domain.tld/fullchain.pem
# - /etc/letsencrypt/live/domain.tld/privkey.pem
listen:
-
port: 5222
ip: "::"
module: ejabberd_c2s
max_stanza_size: 262144
shaper: none
access: all
starttls_required: false
-
...
我在 Mac 上使用最新版本的 ejabberd (21.04)。任何帮助将非常感激!谢谢!
所以,你用“ejabberdctl registered_users”检查了账户是否真的注册了。然后您尝试使用您的自定义 XMPP 客户端,尝试连接(如日志文件中所示),但失败并显示消息“未授权”。
一些想法:
- A) 尝试启用 STARTTLS,但不要求它:将此选项添加到 5222 侦听:
starttls: true
- B) 尝试使用众所周知的 Jabber/XMPP 客户端(例如 Gajim、Psi 等)登录 ejabberd 是否有效?那么问题出在您的客户身上。不起作用?那么问题出在 ejabberd 配置中
修复:问题出在 Ejabberd 版本上。它在 Debian 9 上的 Ejabberd 16.09 上运行。
我想使用以下简单的 python 代码连接到我的本地 ejabberd:
from twisted.internet import reactor, protocol
from twisted.words.protocols.jabber import client, jid, xmlstream
from twisted.words.protocols.jabber.client import BasicAuthenticator
import logging
def authd(xmlstreamobj):
logging.error("authenticated")
return
def authFailed(xmlstream):
logging.error("Failed")
return
def authInvalid(xmlstream):
logging.error("Invalid")
return
def authError(xmlstream):
logging.error("Error")
print(xmlstream)
return
myJid = jid.JID("boss@localhost")
password = "boss"
myJid.resource = "onlyone"
factory = client.basicClientFactory(myJid, password)
factory.addBootstrap('//event/stream/authd' , authd)
factory.addBootstrap("//event/client/basicauth/invaliduser", authInvalid)
factory.addBootstrap("//event/client/basicauth/authfailed", authFailed)
factory.addBootstrap("//event/stream/error", authError)
reactor.connectTCP("localhost", 5222, factory)
reactor.run()
在ejabberd中注册的用户(使用ejabberdctl registered_users localhost
命令)是:admin、boss、manager0
但是,我收到以下错误消息:
[Failure instance: Traceback (failure with no frames): <class 'twisted.words.protocols.jabber.error.StreamError'>: StreamError with condition u'not-authorized']
ejabberd 日志是:
--------------------------------------------------------------------
IMPORTANT: ejabberd is going to start in LIVE (interactive) mode.
All log messages will be shown in the command shell.
You can interact with the ejabberd node if you know how to use it.
Please be extremely cautious with your actions,
and exit immediately if you are not completely sure.
To exit this LIVE mode and stop ejabberd, press:
q(). and press the Enter key
--------------------------------------------------------------------
To bypass permanently this warning, add to ejabberdctl.cfg the line:
EJABBERD_BYPASS_WARNINGS=true
Press return to continue
Erlang/OTP 22 [erts-10.7.2.12] [source] [64-bit] [smp:8:8] [ds:8:8:10] [async-threads:1] [hipe] [dtrace]
Eshell V10.7.2.12 (abort with ^G)
(ejabberd@localhost)1> 2021-07-13 16:52:40.341565-06:00 [info] Loading configuration from /usr/local/etc/ejabberd/ejabberd.yml
2021-07-13 16:52:40.684051-06:00 [info] Configuration loaded successfully
2021-07-13 16:52:40.888879-06:00 [info] Got no NOTIFY_SOCKET, notifications disabled
2021-07-13 16:52:41.113546-06:00 [info] Loading modules for localhost
2021-07-13 16:52:41.132174-06:00 [warning] Mnesia backend for mod_mam is not recommended: it's limited to 2GB and often gets corrupted when reaching this limit. SQL backend is recommended. Namely, for small servers SQLite is a preferred choice because it's very easy to configure.
2021-07-13 16:52:41.199005-06:00 [info] Won't auto-announce STUN/TURN service on port 3478 (udp) without public IP address, please specify 'turn_ipv4_address' and optionally 'turn_ipv6_address'
2021-07-13 16:52:41.332173-06:00 [info] Building MQTT cache for localhost, this may take a while
2021-07-13 16:52:41.444623-06:00 [info] Waiting for Mnesia synchronization to complete
2021-07-13 16:52:41.558657-06:00 [warning] No certificate found matching localhost
2021-07-13 16:52:41.558915-06:00 [warning] No certificate found matching conference.localhost
2021-07-13 16:52:41.559022-06:00 [warning] No certificate found matching upload.localhost
2021-07-13 16:52:41.559118-06:00 [warning] No certificate found matching proxy.localhost
2021-07-13 16:52:41.559233-06:00 [warning] No certificate found matching pubsub.localhost
2021-07-13 16:52:41.559334-06:00 [info] ejabberd 21.04 is started in the node ejabberd@localhost in 1.31s
2021-07-13 16:52:41.559679-06:00 [info] Start accepting UDP connections at [::]:3478 for ejabberd_stun
2021-07-13 16:52:41.559856-06:00 [info] Start accepting TCP connections at [::]:5280 for ejabberd_http
2021-07-13 16:52:41.559871-06:00 [info] Start accepting TCP connections at [::]:5222 for ejabberd_c2s
2021-07-13 16:52:41.559890-06:00 [info] Start accepting TCP connections at 127.0.0.1:7777 for mod_proxy65_stream
2021-07-13 16:52:41.560041-06:00 [info] Start accepting TLS connections at [::]:5223 for ejabberd_c2s
2021-07-13 16:52:41.560077-06:00 [info] Start accepting TCP connections at [::]:5269 for ejabberd_s2s_in
2021-07-13 16:52:41.560131-06:00 [info] Start accepting TCP connections at [::]:1883 for mod_mqtt
2021-07-13 16:52:41.560177-06:00 [info] Start accepting TLS connections at [::]:5443 for ejabberd_http
2021-07-13 16:52:41.625170-06:00 [warning] Option 'turn_ipv4_address' is undefined and the server's hostname doesn't resolve to a public IPv4 address, most likely the TURN relay won't be working properly
2021-07-13 16:52:58.767985-06:00 [info] (<0.552.0>) Accepted connection [::ffff:127.0.0.1]:54660 -> [::ffff:127.0.0.1]:5222
2021-07-13 16:53:01.623768-06:00 [info] (<0.553.0>) Accepted connection [::ffff:127.0.0.1]:54661 -> [::ffff:127.0.0.1]:5222
2021-07-13 16:54:39.351423-06:00 [info] (<0.555.0>) Accepted connection [::ffff:127.0.0.1]:54668 -> [::ffff:127.0.0.1]:5222
2021-07-13 16:54:42.367668-06:00 [info] (<0.558.0>) Accepted connection [::ffff:127.0.0.1]:54671 -> [::ffff:127.0.0.1]:5222
ejabberd 的 yml 文件是:
hosts:
- localhost
loglevel: 4
## If you already have certificates, list them here
# certfiles:
# - /etc/letsencrypt/live/domain.tld/fullchain.pem
# - /etc/letsencrypt/live/domain.tld/privkey.pem
listen:
-
port: 5222
ip: "::"
module: ejabberd_c2s
max_stanza_size: 262144
shaper: none
access: all
starttls_required: false
-
...
我在 Mac 上使用最新版本的 ejabberd (21.04)。任何帮助将非常感激!谢谢!
所以,你用“ejabberdctl registered_users”检查了账户是否真的注册了。然后您尝试使用您的自定义 XMPP 客户端,尝试连接(如日志文件中所示),但失败并显示消息“未授权”。
一些想法:
- A) 尝试启用 STARTTLS,但不要求它:将此选项添加到 5222 侦听:
starttls: true
- B) 尝试使用众所周知的 Jabber/XMPP 客户端(例如 Gajim、Psi 等)登录 ejabberd 是否有效?那么问题出在您的客户身上。不起作用?那么问题出在 ejabberd 配置中
修复:问题出在 Ejabberd 版本上。它在 Debian 9 上的 Ejabberd 16.09 上运行。