3. About Tigase XMPP Server
Tigase XMPP Server is an Open Source and Free (AGPLv3) Java based server. The goals behind the design and implementation of the server are:
Make the server robust and reliable.
Make the server a secure communication platform.
Make a flexible server which can be applied to different use cases.
Make an extensible server which takes full advantage of XMPP protocol extensibility.
Make the server easy to set up and maintain.
3.1. Robust and reliable
This means that the server can handle many concurrent requests/connections and can run for a long time reliably. The server is designed and implemented to handle millions of simultaneous connections.
It is not enough, however, to design and implement a high load server and hope it will run well. The main focus of the project is on testing. Tests are taken so seriously that a dedicated testing framework has been implemented. All server functions are considered implemented only when they pass a rigorous testing cycle. The testing cycle consists of 3 fundamental tests:
Functional tests - Checking whether the function works at all.
Performance tests - Checking whether the function performs well enough.
Stability tests - Checking whether the function behaves well in a long-term run. It must handle hundreds of requests a second over a server run lasting several hours.
3.2. Security
There are a few elements of security related to XMPP servers: secure data transmission, which is met by the implementation of the SSL or TLS protocol; secure user authorization, which is met by the implementation of DIGEST or SASL user authorization; and secure deployment, which is met by the component architecture.
Secure deployment: Tigase software installation does not impact network security. Companies usually have their networks divided into 2 parts: the DMZ, which is partially open to the outside world, and the private network, which is closed to the outside world.
If the XMPP server is to provide an effective way of communication between company employees regardless of whether they are in a secure company office or outside (perhaps at a customer site), it needs to accept both internal and external connections. So the natural location for the server deployment is the DMZ. However, this solution has some considerations: each company normally has an established network user base and integrated authorization mechanisms, and that information should be stored outside the DMZ to protect internal security. So how can ease of installation and system security both be maintained?
Tigase server offers a solution for such a case. With its component structure, Tigase can be easily deployed on any number of machines, and from the user’s point of view it is seen as one logical XMPP server. In this case we can install a Session Manager module in the private network, and a Client Connection Manager with a Server Connection Manager in the DMZ.
The Session Manager connects to the DMZ and receives all packets from external users. Thus it can securely perform user authorization based on company authorization mechanisms.
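The zone separation described above can be checked against a firewall allow-list. The following is an added example, not Tigase code or configuration; the `internet` zone, the `SM_LINK_PORT` value and the sample rule sets are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Zones from the deployment described above; "internet" is added for external users.
INTERNET, DMZ, PRIVATE = "internet", "dmz", "private"

# Standard XMPP ports: 5222 client-to-server, 5269 server-to-server.
C2S_PORT, S2S_PORT = 5222, 5269
# Hypothetical port for the Session Manager -> connection manager link (an assumption).
SM_LINK_PORT = 5555


@dataclass(frozen=True)
class Allow:
    """One allowed flow: which zone may open a TCP connection to which zone and port."""
    src: str
    dst: str
    port: int


# Flows the split deployment needs. The Session Manager dials out to the DMZ,
# so nothing in the DMZ ever has to open a connection into the private network.
REQUIRED = {
    Allow(INTERNET, DMZ, C2S_PORT),
    Allow(INTERNET, DMZ, S2S_PORT),
    Allow(PRIVATE, DMZ, SM_LINK_PORT),
}


def audit(rules):
    """Return a sorted list of findings for a firewall allow-list."""
    findings = []
    for r in rules:
        if r.dst == PRIVATE and r.src != PRIVATE:
            findings.append(f"inbound to private network: {r.src} -> {r.dst}:{r.port}")
        elif r not in REQUIRED and r.src != r.dst:
            findings.append(f"flow not needed by the deployment: {r.src} -> {r.dst}:{r.port}")
    for need in REQUIRED - set(rules):
        findings.append(f"missing required flow: {need.src} -> {need.dst}:{need.port}")
    return sorted(findings)


# Constructed rule sets.
GOOD = [
    Allow(INTERNET, DMZ, C2S_PORT),
    Allow(INTERNET, DMZ, S2S_PORT),
    Allow(PRIVATE, DMZ, SM_LINK_PORT),
]
# Weak variant: the DMZ host may query the internal LDAP directory (port 389) directly,
# which puts the company user base within reach of a compromised DMZ machine.
WEAK = GOOD + [Allow(DMZ, PRIVATE, 389)]

if __name__ == "__main__":
    for name, rules in (("good", GOOD), ("weak", WEAK)):
        print(name, audit(rules) or "ok")
```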
3.3. Flexibility
There are many different XMPP server implementations. The most prevalent are:
Used as a business communication platform in small and medium companies, where the server is not under a heavy load. For such deployments security is a key feature.
For huge community websites or internet portals, on the other hand, the server is usually under very heavy load and has to support thousands or millions of simultaneous connections. For such a deployment we need a different level of security as most of the service is open to the public.
For very small community deployments or for small home networks the key factor is ease of deployment and maintenance.
Architecture based on components provides the ability to run selected modules on separate machines so the server can be easily applied in any scenario.
For a simple installation the server generates a config file which can be used straight away with very few modifications or none at all. For complex deployments, though, you can tweak the configuration to your needs and set up the XMPP server on as many physical machines as you need.
3.4. Extensibility
The world changes all the time, as do users’ needs. The XMPP protocol has been designed to be extensible to make it easy to add new features and apply it to those different users’ needs. As a result, XMPP is a very effective platform not only for sending messages to other users; it can also be extended to send instant notifications about events, and it is a useful platform for on-line customer service, voice communication, and other cases where sending information instantly to other people is needed.
Tigase server has been designed to be extensible using a modular architecture. You can easily replace components which do not fulfill your requirements with others better fitting your needs. But that is not all: another factor of extensibility is how easy it is to replace or add new extensions. A great deal of focus has been put into the server design API to make it easy for other software developers to create extensions and implement new features.
3.5. Ease of Use
Complex computer networks consisting of many servers with different services are hard to maintain. This requires employing professional staff to operate and maintain the network.
Not all networks are so complex, however. Most small companies have just a few servers for their needs, with services like e-mail and an HTTP server. They might want to add an XMPP server to the collection of their services and don’t want to dedicate resources to setup and maintenance. For such users our default configuration is exactly what they need. If the operating system on the server is well configured, then Tigase should automatically pick up the correct hostname and be ready to operate immediately.
Tigase server is designed and implemented to allow dynamic reconfiguration during runtime so there is no need to restart the server each time you want to change configuration settings.
There are also interfaces and handlers available to make it easy to implement a web user interface for server monitoring and configuring.
3.6. XMPP Supported Extensions
Based on XEP-0387: XMPP Compliance Suites 2018
3.6.1. Core Compliance Suite
| Support | Specification | Name | Comment |
|---|---|---|---|
| ✓ | | Extensible Messaging and Presence Protocol (XMPP): Core | |
| ⍻ | | Extensible Messaging and Presence Protocol (XMPP): Address Format | We support previous version of the specification: RFC6122 |
| ✓ | | Use of Transport Layer Security (TLS) in the Extensible Messaging and Presence Protocol (XMPP) | |
| ✓ | | SRV records for XMPP over TLS | Requires adding DNS entries pointing to port 5223 |
| ✓ | | Service Discovery | |
| ✓ | | Entity Capabilities | |
| ✓ | | Jabber Component Protocol | |
| ✓ | | Personal Eventing Protocol | |
3.6.2. Web Compliance Suite
| Support | Specification | Name | Comment |
|---|---|---|---|
| ✓ | | An Extensible Messaging and Presence Protocol (XMPP) Subprotocol for WebSocket | |
| ✓ | | XMPP Over BOSH | |
| ✓ | | Bidirectional-streams Over Synchronous HTTP (BOSH) | |
3.6.3. IM Compliance Suite
| Support | Specification | Name | Comment |
|---|---|---|---|
| ✓ | | Extensible Messaging and Presence Protocol (XMPP): Instant Messaging and Presence | |
| ✓ | | User Avatar | |
| ✓ | | vCard-Based Avatars | |
| ✓ | | vcard-temp | |
| ✓ | | Message Carbons | |
| ✓ | | Blocking Command | |
| ✓ | | Multi-User Chat | |
| ✓ | | Direct MUC Invitations | |
| ✓ | | Bookmarks | |
| ✓ | | Persistent Storage of Private Data via PubSub | |
| ✓ | | Private XML Storage | |
| ✓ | | Stream Management | Both |
| ✓ | | Message Archive Management | |
3.6.4. Mobile Compliance Suite
| Support | Specification | Name | Comment |
|---|---|---|---|
| ✓ | | An Extensible Messaging and Presence Protocol (XMPP) Subprotocol for WebSocket | |
| ✓ | | Stream Management | Both |
| ✓ | | Client State Indication | |
| ✓ | | Push Notifications | |
3.6.5. Non-Compliance Suite Extensions
| Support | Specification | Name | Comment |
|---|---|---|---|
| ✓ | | Data Forms | |
| ✓ | | IQ-Based Avatars | |
| ✓ | | Last Activity | |
| ✓ | | Flexible Offline Message Retrieval | |
| ✓ | | Privacy Lists | |
| ✓ | | Feature Negotiation | |
| ✓ | | Message Events | |
| ✓ | | In-Band Bytestreams | |
| ✓ | | Ad-Hoc Commands | |
| ✓ | | Result Set Management | |
| ✓ | | Publish-Subscribe | |
| ✓ | | SOCKS5 Bytestreams | |
| ✓ | | Out of Band Data | |
| ✓ | | Field Standardization for Data Forms | |
| ✓ | | XHTML-IM | |
| ✓ | | SOAP Over XMPP | |
| ✓ | | In-Band Registration | |
| ✓ | | Non-SASL Authentication | |
| ✓ | | Advanced Message Processing | |
| ✓ | | User Location | |
| ✓ | | XMPP Date and Time Profiles | |
| ✓ | | Nested Roster Groups | |
| ✓ | | Chat State Notifications | |
| ✓ | | Error Condition Mappings | |
| ✓ | | Legacy Delayed Delivery | |
| ✓ | | Software Version | |
| ✓ | | File Transfer | |
| ✓ | | Gateway Interaction | |
| ✓ | | JID Escaping | |
| ✓ | | User Mood | Server support via |
| ✓ | | User Activity | Server support via |
| ✓ | | User Tune | Server support via |
| ✓ | | Common Alerting Protocol (CAP) Over XMPP | |
| ✓ | | Service Discovery Extensions | |
| ✓ | | Stanza Headers and Internet Metadata (SHIM) | |
| ✓ | | Service Administration | |
| ✓ | | Message Archiving | |
| ✓ | | Data Forms Layout | |
| ✓ [1] | | Workgroup Queues | |
| ✓ | | Roster Item Exchange | |
| ✓ | | Annotations | |
| ✓ | | Remote Controlling Clients | |
| ✓ | | Reachability Addresses | |
| ✓ | | Stanza Session Negotiation | |
| ✓ | | Discovering Alternative XMPP Connection Methods | Uses DNS records, so will work with Tigase XMPP Server |
| ✓ | | Contact Addresses for XMPP Services | |
| ✓ | | Best Practices for Handling Offline Messages | |
| ✓ | | Jingle | |
| ✓ | | Jingle RTP Sessions | |
| ✓ | | Recommended Order of Stream Feature Negotiation | |
| ✓ | | Language Translation | |
| ✓ | | User Nickname | |
| ✓ | | Serverless Messaging | |
| ✓ | | Best Practices for Use of SASL ANONYMOUS | |
| ✓ | | Jingle ICE-UDP Transport Method | |
| ✓ | | Jingle Raw UDP Transport Method | |
| ✓ | | Best Practices for Use of SASL EXTERNAL with Certificates | |
| ✓ | | Jingle IAX Transport Method | |
| ✓ | | Jingle Video via RTP | |
| ✓ | | Jingle DTMF | |
| ✓ | | Message Receipts | |
| ✓ | | Dialback Key Generation and Validation | |
| ✓ | | Best Practice for Closing Idle Streams | |
| ✓ | | XMPP Ping | |
| ✓ | | Best Practices for Message Threads | |
| ✓ | | Entity Time | |
| ✓ | | Delayed Delivery | |
| ✓ | | Best Practices to Discourage Denial of Service Attacks | |
| ✓ | | Metacontacts | |
| ✓ | | Server Dialback | |
| ✓ | | Attention | |
| ✓ | | Component Connections | |
| ✓ | | Message Stanza Profiles | |
| ✓ | | Bits of Binary | |
| ✓ | | Jingle File Transfer | |
| ✓ | | The /me Command | |
| ✓ | | End-to-End XML Streams | |
| ✓ | | Jingle XML Streams | |
| ✓ | | C2C Authentication Using TLS | |
| ✓ | | Jingle Session Transfer | |
| ✓ | | Jingle SOCKS5 Bytestreams Transport Method | |
| ✓ | | Jingle In-Band Bytestreams Transport | |
| ✓ | | Use of ZRTP in Jingle RTP Sessions | |
| ✓ | | Microblogging over XMPP | |
| ✓ | | vCard4 Over XMPP | |
| ✓ | | In-Band Real Time Text | |
| ✓ | | XMPP Quickstart | |
| ✓ | | Internet of Things - Sensor Data | |
| ✓ | | Internet of Things - Provisioning | |
| ✓ | | Internet of Things - Control | |
| ✓ | | Internet of Things - Concentrators | |
| ✓ | | Chat Markers | |
| ✓ | | HTTP File Upload | |
| ✓ | | XMPP Compliance Suites 2018 | |
3.6.6. Full, ordered list of supported RFCs and XEPs:
| Support | Specification | Name | Comment |
|---|---|---|---|
| ✓ | | Extensible Messaging and Presence Protocol (XMPP): Core | |
| ✓ | | Extensible Messaging and Presence Protocol (XMPP): Instant Messaging and Presence | |
| ⍻ | | Extensible Messaging and Presence Protocol (XMPP): Address Format | We support previous version of the specification: RFC6122 |
| ✓ | | An Extensible Messaging and Presence Protocol (XMPP) Subprotocol for WebSocket | |
| ✓ | | An Extensible Messaging and Presence Protocol (XMPP) Subprotocol for WebSocket | |
| ✓ | | Use of Transport Layer Security (TLS) in the Extensible Messaging and Presence Protocol (XMPP) | |
| ✓ | | Data Forms | |
| ✓ | | IQ-Based Avatars | |
| ✓ | | Last Activity | |
| ✓ | | Flexible Offline Message Retrieval | |
| ✓ | | Privacy Lists | |
| ✓ | | Feature Negotiation | |
| ✓ | | Message Events | |
| ✓ | | Service Discovery | |
| ✓ | | Multi-User Chat | |
| ✓ | | In-Band Bytestreams | |
| ✓ | | Bookmarks | |
| ✓ | | Private XML Storage | |
| ✓ | | Ad-Hoc Commands | |
| ✓ | | vcard-temp | |
| ✓ | | Result Set Management | |
| ✓ | | Publish-Subscribe | |
| ✓ | | SOCKS5 Bytestreams | |
| ✓ | | Out of Band Data | |
| ✓ | | Field Standardization for Data Forms | |
| ✓ | | XHTML-IM | |
| ✓ | | SOAP Over XMPP | |
| ✓ | | In-Band Registration | |
| ✓ | | Non-SASL Authentication | |
| ✓ | | Advanced Message Processing | |
| ✓ | | User Location | |
| ✓ | | XMPP Date and Time Profiles | |
| ✓ | | Nested Roster Groups | |
| ✓ | | User Avatar | |
| ✓ | | Chat State Notifications | |
| ✓ | | Error Condition Mappings | |
| ✓ | | Legacy Delayed Delivery | |
| ✓ | | Software Version | |
| ✓ | | File Transfer | |
| ✓ | | Gateway Interaction | |
| ✓ | | JID Escaping | |
| ✓ | | User Mood | Server support via |
| ✓ | | User Activity | Server support via |
| ✓ | | Jabber Component Protocol | |
| ✓ | | Entity Capabilities | |
| ✓ | | User Tune | Server support via |
| ✓ | | Bidirectional-streams Over Synchronous HTTP (BOSH) | |
| ✓ | | Service Discovery Extensions | |
| ✓ | | Common Alerting Protocol (CAP) Over XMPP | |
| ✓ | | Stanza Headers and Internet Metadata (SHIM) | |
| ✓ | | Service Administration | |
| ✓ | | Message Archiving | |
| ✓ | | Data Forms Layout | |
| ✓ | | Workgroup Queues | |
| ✓ | | Roster Item Exchange | |
| ✓ | | Annotations | |
| ✓ | | Remote Controlling Clients | |
| ✓ | | Reachability Addresses | |
| ✓ | | vCard-Based Avatars | |
| ✓ | | Stanza Session Negotiation | |
| ✓ | | Discovering Alternative XMPP Connection Methods | Uses DNS records, so will work with Tigase XMPP Server |
| ✓ | | Contact Addresses for XMPP Services | |
| ✓ | | Best Practices for Handling Offline Messages | |
| ✓ | | Personal Eventing Protocol | |
| ✓ | | Jingle | |
| ✓ | | Jingle RTP Sessions | |
| ✓ | | Recommended Order of Stream Feature Negotiation | |
| ✓ | | Language Translation | |
| ✓ | | User Nickname | |
| ✓ | | Serverless Messaging | |
| ✓ | | Best Practices for Use of SASL ANONYMOUS | |
| ✓ | | Jingle ICE-UDP Transport Method | |
| ✓ | | Jingle Raw UDP Transport Method | |
| ✓ | | Best Practices for Use of SASL EXTERNAL with Certificates | |
| ✓ | | Jingle IAX Transport Method | |
| ✓ | | Jingle Video via RTP | |
| ✓ | | Jingle DTMF | |
| ✓ | | Message Receipts | |
| ✓ | | Dialback Key Generation and Validation | |
| ✓ | | Best Practice for Closing Idle Streams | |
| ✓ | | Blocking Command | |
| ✓ | | Stream Management | Both |
| ✓ | | XMPP Ping | |
| ✓ | | Best Practices for Message Threads | |
| ✓ | | Entity Time | |
| ✓ | | Delayed Delivery | |
| ✓ | | Best Practices to Discourage Denial of Service Attacks | |
| ✓ | | XMPP Over BOSH | |
| ✓ | | Metacontacts | |
| ✓ | | Server Dialback | |
| ✓ | | Persistent Storage of Private Data via PubSub | |
| ✓ | | Attention | |
| ✓ | | Component Connections | |
| ✓ | | Message Stanza Profiles | |
| ✓ | | Bits of Binary | |
| ✓ | | Jingle File Transfer | |
| ✓ | | The /me Command | |
| ✓ | | End-to-End XML Streams | |
| ✓ | | Jingle XML Streams | |
| ✓ | | Direct MUC Invitations | |
| ✓ | | C2C Authentication Using TLS | |
| ✓ | | Jingle Session Transfer | |
| ✓ | | Jingle SOCKS5 Bytestreams Transport Method | |
| ✓ | | Jingle In-Band Bytestreams Transport | |
| ✓ | | Use of ZRTP in Jingle RTP Sessions | |
| ✓ | | Microblogging over XMPP | |
| ✓ | | Message Carbons | |
| ✓ | | vCard4 Over XMPP | |
| ✓ | | In-Band Real Time Text | |
| ✓ | | XMPP Quickstart | |
| ✓ | | Message Archive Management | |
| ✓ | | Internet of Things - Sensor Data | |
| ✓ | | Internet of Things - Provisioning | |
| ✓ | | Internet of Things - Control | |
| ✓ | | Internet of Things - Concentrators | |
| ✓ | | Chat Markers | |
| ✓ | | Client State Indication | |
| ✓ | | Push Notifications | |
| ✓ | | HTTP File Upload | |
| ✓ | | SRV records for XMPP over TLS | Requires adding DNS entries pointing to port 5223 |
| ✓ | | XMPP Compliance Suites 2018 | |
3.7. Tigase Custom Extensions
3.7.1. General features
| Support | Name | Comment |
|---|---|---|
| ✓ [2] | AuditLog | Ability to log important events in a system (logins, message exchanges, calls) |
| ✓ | Anti Abuse | Fight stanza SPAM, DoS, brute-force attacks and other threats |
| ✓ | Virtual domains | Ability to create and manage multiple virtual domains from a single instance and restart-less management |
| ✓ | MUC subscribe for offline push | Option to register permanently to the room to receive push notifications about new messages. |
| ✓ | Scripting API | Supports the Java Scripting API JSR-223 |
| ✓ | JMX monitoring | Advanced monitoring of the server via the JMX protocol with an API for connecting custom monitors and a TCP/IP end-point for connecting general purpose JMX tools |
| ✓ | HTTP monitoring | Basic monitoring via HTTP protocol |
| ✓ | XMPP Monitoring | Pluggable, active monitoring via XMPP, retrieving detailed server statistics, receiving automatic notifications about possible problems discovered by the self-monitor mechanisms |
| ✓ | SNMP Monitoring | Advanced server monitoring via SNMP. |
| ✓ | Bosh Cache | Bosh Session Cache - a feature to quickly reload user data - roster, presences and messages history by the web client (for example after web page reload) |
| ✓ | Clustering | Full clustering support for HA and LB with pluggable clustering strategies for perfectly optimising the cluster to the client’s system |
| ✓ | Advanced Clustering Strategy | Dedicated, specialised clustering strategy for best possible performance |
| ✓ | MUC Clustered | Support for clustering group chatrooms with various, pluggable strategies |
| ✓ | PubSub Clustered | Support for clustering PubSub component with various, pluggable strategies |
| ✓ | Mobile optimisations | Optimizations designed for Mobile Devices |
| ✓ | OSGi | Support for running in OSGi environment, i.e. as embedded XMPP server in advanced application server |
| ✓ | Dynamic rosters | Ability to create users’ roster entries on the fly based on data retrieved from any sources |
| ✓ | Command line admin tools | Command-line utility to manage the server |
| ✓ | Unified Archive | An extension to XEP-0313 Message Archive Management, with greatly improved flexibility in terms of what can be archived. |
3.7.2. Repositories/Databases
| Support | Name | Comment |
|---|---|---|
| ✓ | DB per domain | Ability to have multiple databases for specific domains. |
| ✓ | PostgreSQL | Full support for PostgreSQL database with database schemas excluding dedicated DB schema for PubSub component |
| ✓ | MySQL | Full support for MySQL database with database schemas, dedicated DB schema for PubSub component |
| ✓ | SQL Server | Full support for MS SQL Server database with database schemas excluding dedicated DB schema for PubSub component, only in Tigase server version 3.x |
| ✓ | Derby DB | Full support for built-in Derby database with database schemas excluding dedicated DB schema for PubSub component |
| ✓ | JDBC | Support for all JDBC enabled databases, although the database schemas are available for some databases |
| ✓ | Drupal Auth | Drupal authentication - the Tigase server can share user authentication database with Drupal CMS and authenticate users against Drupal user database |
| ✓ | Drupal Auth | Close integration with Drupal CMS, the Tigase can send notifications to subscribed users about new posts, comments and can also publish short news information via XMPP |
| ✓ | LDAP-Auth | LDAP Authentication Connector Supported |
Requires commercial license