>From the corner of my brain I remember adding my components name to the
admin section of jabber.xml. Perhaps if you look through the source of
JabberD you'll see who gets special privileges and how that affects
probe requests.
In case you want to try it, the mod of jabber.xml looks like:
<jabber>
...
<service id="sessions">
...
<jsm xmlns="jabber:config:jsm">
...
<admin>
<read>componentname</read>
...
Again, for my system none of the users needed to have my component in
their roster. (Yes, that would be a pain :)
Good luck,
Mike
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of Fabrice Desr�
> Sent: Monday, June 02, 2003 9:49 AM
> To: [EMAIL PROTECTED]
> Subject: Re: [JDEV] Probing presence from component
>
>
> Joe Hildebrand wrote:
> > Yep. Since allowing access to this information from an
> unauthorized
> > source would be a security hole, the server blocks presence probes
> > from people not on the probee's roster as "both" or "from".
>
> Ok, but I think that an external component can be considered secure
> enough to access this information. With the actual behaviour,
> you end up
> with rosters entries only devoted to presence probing - not
> really useful.
>
> > You could add a JSM module that allowed certain JIDs to bypass this
> > restriction, and place it above mod_presence.
>
> This is just what I wanted to avoid... A config switch
> (like the admin
> properties) would be better.
>
> Fabrice
> --
> Fabrice Desr�
> France T�l�com R&D/DTL/TAL
> T�l: +(33) (0)2 96 05 31 43
> Fax: +(33) (0)2 96 05 39 45
> http://www.francetelecom.com/rd
>
> _______________________________________________
> jdev mailing list
> [EMAIL PROTECTED]
> http://mailman.jabber.org/listinfo/jdev
>
_______________________________________________
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev
