> In addition to the "hole" found by Chitralekha, you can also > log into the Openfire console with the default credentials. > Since there is no firewall running on Sipx by default this > essentially leaves IM wide open from a security standpoint.
Openfire portal is currently available mainly for ease-of-development and testing but will be shut down come the stable release. > > One of the key features of IM integration that is most > anticipated to my company is that Openfire can do federation > AND control it per user. We are questioning the 'per user' part right now. This is currently achieved via the Kraken plug-in but it has some pretty ugly bugs and is not well maintained. That functionality may end up being pulled out before 4.2 is released. I would like to understand what aspects of that feature make it compelling for you. > 99.9% of users in our company should > not have access, but some need it. We have to be able to > control who does and doesn't and the existing implementation > in 4.1 does not seem to allow that. If this can still be > configured via the Openfire console, then that would be fine as well. > > I know it isn't a finished feature yet, but is there any > documentation about what is planned for this release? It would certainly be desirable but I don't know that this feature will be formally documented. Certainly, the wiki will contain the useful info. > > Geoff Van Brunt > Information Technology Manager > Administration > > _______________________________________________ > sipx-dev mailing list [email protected] List > Archive: http://list.sipfoundry.org/archive/sipx-dev > Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-dev > sipXecs IP PBX -- http://www.sipfoundry.org/ > _______________________________________________ sipx-dev mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-dev Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-dev sipXecs IP PBX -- http://www.sipfoundry.org/
