User Service Plugin Readme

Overview

The User Service Plugin provides the ability to add,edit,delete users and manage their rosters by sending an http request to the server. It is intended to be used by applications automating the user administration process. This plugin's functionality is useful for applications that need to administer users outside of the Openfire admin console. An example of such an application might be a live sports reporting application that uses XMPP as its transport, and creates/deletes users according to the receipt, or non receipt, of a subscription fee.

Installation

Copy userservice.jar into the plugins directory of your Openfire server. The plugin will then be automatically deployed. To upgrade to a new version, copy the new userservice.jar file over the existing file.

Configuration

Access to the service is restricted with a "secret" that can be viewed and set from the User Service page in the Openfire admin console. This page is located on the admin console under "Server" and then "Server Settings". This should really only be considered weak security. The plugin was initially written with the assumption that http access to the Openfire service was only available to trusted machines. In the case of the plugin's author, a web application running on the same server as Openfire makes the request.

Using the Plugin

To administer users, submit HTTP requests to the userservice service. The service address is [hostname]plugins/userService/userservice. For example, if your server name is "example.com", the URL is http://example.com/plugins/userService/userservice

The following parameters can be passed into the request:

NameDescription
typeRequiredThe admin service required. Possible values are 'add', 'delete', 'update', 'enable', 'disable', 'add_roster', 'update_roster', 'delete_roster'.
secretRequired The secret key that allows access to the User Service.
usernameRequired The username of the user to 'add', 'delete', 'update', 'enable', 'disable', 'add_roster', 'update_roster', 'delete_roster'. ie the part before the @ symbol.
passwordRequired for 'add' operation The password of the new user or the user being updated.
nameOptional The display name of the new user or the user being updated. For 'add_roster', 'update_roster' operations specifies the nickname of the roster item.
emailOptional The email address of the new user or the user being updated.
groupsOptional List of groups where the user is a member. Values are comma delimited. When used with types "add" or "update", it adds the user to shared groups and auto-creates new groups.
When used with 'add_roster' and 'update_roster', it adds the user to roster groups provided the group name does not clash with an existing shared group.
item_jidRequired for 'add_roster', 'update_roster', 'delete_roster' operations. The JID of the roster item
subscriptionOptional Type of subscription for 'add_roster', 'update_roster' operations. Possible numeric values are: -1(remove), 0(none), 1(to), 2(from), 3(both).

Sample HTML

The following example adds a user

The following example adds a user, adds two shared groups (if not existing) and adds the user to both groups. The following example deletes a user and all roster items of the user. The following example disables a user (lockout) The following example enables a user (removes lockout) The following example updates a user The following example adds new roster item with subscription 'both' for user 'kafka' The following example adds new roster item with subscription 'both' for user 'kafka' and adds kafka to roster groups 'family' and 'friends' The following example updates existing roster item to subscription 'none' for user 'kafka' The following example deletes a specific roster item 'franz@kafka.com' for user 'kafka'

* When sending double characters (Chinese/Japanese/Korean etc) you should URLEncode the string as utf8.
In Java this is done like this
URLEncoder.encode(username, "UTF-8"));
If the strings are encoded incorrectly, double byte characters will look garbeled in the Admin Console.

Server Reply

The server will reply to all User Service requests with an XML result page. If the request was processed successfully the return will be a "result" element with a text body of "OK". If the request was unsuccessful, the return will be an "error" element with a text body of one of the following error strings.

Error StringDescription
IllegalArgumentException one of the parameters passed in to the User Service was bad.
UserNotFoundException No user of the name specified, for a delete or update operation, exists on this server. For 'update_roster' operation, roster item to be updated was not found.
UserAlreadyExistsException A user with the same name as the user about to be added, already exists. For 'add_roster' operation, roster item with the same JID already exists.
RequestNotAuthorised The supplied secret does not match the secret specified in the Admin Console or the requester is not a valid IP address.
UserServiceDisabled The User Service is currently set to disabled in the Admin Console.
SharedGroupException Roster item can not be added/deleted to/from a shared group for operations with roster.