Kevin Larsen
2014-Mar-18 16:01 UTC
[asterisk-users] XMPP issues in Asterisk 11.6.0 for distributed device states...
I have been working with distributed device states in Asterisk using XMPP attached to an OpenFire server. I have it working well across two servers and want to roll it out across every server in my company. All servers are Asterisk 11.6.0. I am running into a problem that seems like it should be a bit easier to solve than it is seeming to be. On the third server I am rolling into this solution, I get plenty of the following: res_xmpp.c:1398 xmpp_pubsub_handle_error: Error performing operation on PubSub node device_state, 403. So, basically, servers 1 and 2 continue to hum along nicely updating their device state, but server 3 gets a 403 forbidden message when it tries to deal with device state. I believe this has to do with the permissions set up on the device state node. I have a small example that demonstrates the creation of a new node. In the Asterisk CLI, I ran 'xmpp create collection asterisk test' on server 3, which was successful and can be seen on servers 1 and 2 with 'xmpp list nodes asterisk' The debug output from server 3 for this is as follows: <--- XMPP sent to 'asterisk' ---> <iq to='pubsub.xmpp' from='server3 at xmpp/astvoip3' type='set' id='aaacy'> <pubsub xmlns='http://jabber.org/protocol/pubsub'> <create node='test'/> <configure> <x xmlns='jabber:x:data' type='submit'> <field var='FORM_TYPE' type='hidden'> <value>http://jabber.org/protocol/pubsub#owner</value> </field> <field var='pubsub#node_type'> <value>collection</value> </field> <field var='FORM_TYPE' type='hidden'> <value>http://jabber.org/protocol/pubsub#node_config</value> </field> <field var='pubsub#deliver_payloads'> <value>1</value> </field> <field var='pubsub#persist_items'> <value>1</value> </field> <field var='pubsub#access_model'> <value>whitelist</value> </field> </x> </configure> </pubsub> </iq> <-------------> <--- XMPP sent to 'asterisk' ---> <iq to='pubsub.xmpp' from='server3 at xmpp/astvoip3' type='set' id='aaacz'> <pubsub xmlns='http://jabber.org/protocol/pubsub#owner'> <affiliations node='test'> <affiliation jid='server1 at xmpp' affiliation='owner'/> <affiliation jid='server2 at xmpp' affiliation='owner'/> <affiliation jid='server1 at xmpp/astvoip1' affiliation='owner'/> <affiliation jid='server2 at xmpp/astvoip2' affiliation='owner'/> </affiliations> </pubsub> </iq> <-------------> As we can see, the first message creates the test node and sets the access model to whitelist, so only jids in the whitelist are allowed to modify it. The second message then sets the appropriate server 1 and server 2 jids to be owners, thus meeting the requirements of the whitelist. Since these nodes are persistent, it would appear that server 3 cannot properly access device_state because it was never whitelisted when the node was created originally. I am fairly certain that I can solve this by deleting all my nodes and letting them be recreated, but that seems extreme as I put more servers into the system. Any thoughts on a better way to handle xmpp and making sure new servers can access the proper nodes? Kevin Larsen - Systems Analyst - Pioneer Balloon Company -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20140318/84e17293/attachment.html>