Integrating Jabber

Short Take

1. Install a jabber server.

2. Place an applet on the webserver.

3. Put a link on the OX Groupware page.

4. Glue it all together.

And, it can actually be easy. Trust me.

Installing a Jabber Server

After a bungling search for a nice and easy jabber server, I stumbled upon Jive Messenger.

Jive Messenger is a commercial package with an open sourced server component that is based upon Jabber. This system has very good integration with LDAP. And a very nice administration GUI. And as a final kicker, the whole thing is JAVA.

The installation is very slick. Simply download the package, unpack and run. It is just that simple. A suggested extra step would be to install with Postgres. This is very easy and keeps all datastores in the same database. Ensure you read the INSTALL/README docs.

As for the configuration. Jive seems to utilize an XML document that is hidden under $JIVE/conf/jive-messenger.xml. This document uses a flag to determine if the setup process needs to be completed.

The following is a copy of a working config. $ADMINUSER is a list of users that will have access to the admin page of Jive Messenger.

jive-messenger.xml

<jive>
  <adminConsole>
    <!-- Disable either port by setting the value to -1 -->
    <port>9090</port>
    <securePort>9091</securePort>
    <!-- By default, only the user with the username "admin" can login
         to the admin console. Alternatively, you can specify a comma-delimitted
         list usernames that should be authorized to login by setting the
         <authorizedUsernames> field below. -->
    <authorizedUsernames>$ADMINUSER</authorizedUsernames>
  </adminConsole>
  <locale>en</locale>
  <!-- Example LDAP settings -->
  <ldap>
    <host>localhost</host>
    <port>389</port>
    <usernameField>uid</usernameField>
    <nameField>cn</nameField>
    <emailField>mail</emailField>
    <baseDN>ou=OxObjects,dc=$DOMAIN,dc=$TLD</baseDN>
    <adminDN/>
    <adminPassword/>
    <groupMemberField>memberUid</groupMemberField>
    <posixMode>true</posixMode>
    <groupDescriptionField>cn</groupDescriptionField>
  </ldap>
  <provider>
    <user>
      <className>org.jivesoftware.messenger.ldap.LdapUserProvider</className>
    </user>
    <auth>
      <className>org.jivesoftware.messenger.ldap.LdapAuthProvider</className>
    </auth>
    <group>
      <className>org.jivesoftware.messenger.ldap.LdapGroupProvider</className>
    </group>
  </provider>
  <!-- End example LDAP settings -->
  <connectionProvider>
    <className>org.jivesoftware.database.DefaultConnectionProvider</className>
  </connectionProvider>
  <database>
    <defaultProvider>
      <driver>org.postgresql.Driver</driver>
      <serverURL>jdbc:postgresql://localhost:5432/$JIVEDB</serverURL>
      <username>$JIVEDBUSER</username>
      <password/>
      <minConnections>5</minConnections>
      <maxConnections>15</maxConnections>
      <connectionTimeout>1.0</connectionTimeout>
    </defaultProvider>
  </database>
  <setup>true</setup>
</jive>

This is installed with POSTGRESQL.

$ADMINUSER is a list of users that will have access to the admin page of Jive Messenger. These users must be part of the LDAP system.

$JIVEDB is the database name for Jive. READ THE FINE MANUALS/DOCS

$JIVEDBUSER is the database user name. Ok, it's beyond the docs, but good practice to keep database ownership clear.

Applet Time

The problem with new applications is the installation of the applications. Another search for a quick and easy method of deploying an IM client lead me to Jeti. This is a java applet. As an applet, be ready to suggest upgrading java to your clients.

Jeti has a lot of capability. Including presetting logins, deactivating functions and (my favorite) anonymous users.

Simply dump the applet onto the webserver, and call when needed. As with all things internet, SSL IS STRONGLY RECOMMENDED.

In this example, I uncompressed the Jeti Applet, renamed it jetiapp and placed it into the root of the web server.

Link on the OX Groupware Page

I think that this would work very well as an icon in the top bar. But I'm not that heady yet.

The suggested current route is to follow the Adding Google idea. This means modifying the $OX/etc/groupware/external.conf.

external.conf

<externalElement>
   <element title="Tools" language="EN"/>
   <content src="$OX/etc/groupware/jeti.txt"/>
</externalElement>

In this case I created a new catagory called "Tools". And under tools will be jeti.txt. Ensure that jeti.txt is at the same level as external.conf.

jeti.txt

<a href="" onClick="window.open('https://$OXDOMAIN.$TLD/cgi-bin/jetiapp/jetiapp.pl?sessionID=[NAS_ID]','Record_Viewer','width=250,height=400,left=50,top=50')">IM</a>

As a note, Safari, Firefox and Opera will fire this off without problems. IE wants to show the root of Tomcat in the sidebar. Refreshing the page will correct the flaw. This needs to be fixed! I usually recommend using Firefox.

Setting "href=#rightArea" avoids the need to refresh the page in MS Internet Explorer

Don't worry about the strange pieces of glue...

Da Glue Stick

Ok, here is the story. We need to have Open-Xchange call a Java applet with the username, password and other settings in the request. And we want the request to be processed in a new window. Impossible???? Nay I say.

This requires the Talking to the Sessiond with Perl hack and a small script. Install the required perl hack then place this script under /cgi-bin/jetiapp/jetiapp.pl.

jetiapp.pl

#!/usr/bin/perl

use OXtensions::OXSession qw(ox_getAuth);

use CGI qw(:standard);

my $sessionID   = param('sessionID');
my $sessionData = ox_getAuth($sessionID);

print header;
print "<HTML>\n";
print "<HEAD>\n";
print "<title>Jeti Applet</title></HEAD>\n";
print "<BODY>\n";
print "<APPLET name=\"jeti\" codebase=\"https://$OXDOMAIN.$TLD/jetiapp\" archive=\"applet.jar,plugins/alertwindow.jar,plugins/emoticons.jar,plugins/groupchat.jar,plugins/appletloadgroupchat.jar,plugins/sound.jar,plugins/xhtml.jar\" CODE=\"nu.fw.jeti.applet.Jeti.class\" WIDTH = 100% HEIGHT = 100%>\n";
print "<PARAM NAME=USER VALUE=".$sessionData->{'uid'}.">\n";
print "<PARAM NAME=PASSWORD VALUE=".$sessionData->{'passwd'}.">\n";
print "<PARAM NAME=SERVER VALUE=$OXDOMAIN.$TLD>\n";
print "<PARAM NAME=PORT VALUE=5223 >\n";
print "<PARAM NAME=SSL VALUE=true>\n";
print "<PARAM NAME=RESOURCE VALUE=JetiApplet >\n";
print "</APPLET>\n";
print "</BODY>\n";
print "</HTML>\n";

You will notice that all requests are using SSL. SSL is very good. I have also forced all connections to use port 5223

This script runs the perl OXSession to determine the username/password pair. Then sends the info with the configuration data to the java applet. I am not a fan of recovering the password and sending it back. But this falls into the *WOW IT WORKS* catagory.

Notes

Once a user opens Jeti the first time in a session, two security certificates will need to be clicked through. These can be set to always.

I have discovered that beauty of an ICON can go miles with users. In my case, hiding a *NOT READY FOR PRIME TIME PROJECT* is not good enough, They want a huge icon in the top bar.

Jive Messenger has the ability to audit communication pushed through the system. Ensure you check out the admin page located on port 9090/9091 on your box and set some group rights.

This system has a single flaw. It is trying to communicate across a draconian firewall. I'm starting to experiment with Punjab to discover a clean method.

Bill Gates and Steve Balmer should be forced to untie their shoes with IE's version of JavaScript. Be prepared to suggest Firefox to your users, unless you have a good idea for fixing my javascript link in the groupware. If that is the case, then please delete this line, and make the corrections.

'"Trust me" is another way of saying "Your screwed, but I'll pretend to help"