Tigase now operates using a Kernel and Beans style of programming. What does this mean for Tigase and You? Good news, really. Tigase XMPP Server is now working as a Kernel program, which will operate on it’s own and handle all the core functionality of the server. Component, and non-essential functionality will now be loaded as Beans. As a user, your experience will not change all that much. However, beans can be loaded and unloaded without having to restart Tigase, meaning that the program will behave more dynamically. This means a smaller footprint on memory on resources when components are not needed, and longer uptimes without having to rest art the program! This also allows for greater flexibility for Tigase XMPP Server to be better customized for unique solutions.

With the change of Tigase to a Kernel and Beans style of programming, we have also changed how the configuration file is managed. Although you will still edit the config.tdsl file like a plaintext file, a new style of formatting will be used known as DSL. Domain Specific Language may add more lines, but is a cleaner format, and provides a more secure configuration design since validation of the configuration is done at the domain level. For more information on this format and how to configure Tigase, visit DSL Configuration Guide.

Starting with Tigase XMPP Server 8.0.0, users connected on clustered nodes will be able use a see-other-host strategy when a node is being shutdown. Note: This may not be compatible with all clients. The Ad-hoc command is designed for a graceful shutdown of cluster nodes as a groovy script Shutdown.groovy. This script also allows for the -timeout setting which will delay shutdown of the node, and alert all users (via a headline message) that the server will be shutdown after a time. User clients that are compatible with the command will then detect other connected clusters and maintain their connections.

If the command is being sent to shut down the whole cluster, no see-other-host implementation will be sent, however timeout settings may still be used.

The script may be activated by an ad-hoc command, or sent using REST from remote or Tigase Admin UI.

Multiple changes have been made to the structure and coding for v8, many related to trimming size of repositories and old calls. Some of these improvements are listed here:

BouncyCastle Crypto API has now been employed to handle StartTLS negotiation. By doing this, Tigase now supports tls-unique within the SCRAM PLUS authentication implementation. This API is may be employed by calling the class in your configuration file:

c2s () {
    sslContextContainer(class: tigase.extras.bcstarttls.BCSSLContextContainer) {}
}

The BouncyCastle classes are included in the dist-max archives.

Default virtual hosts property is now able to be configured only as a domain name instead of the list of virtual host domains with options. Additional virtual host domains and their options need to be configured using ad-hoc commands or web AdminUI. Reference Virtual-Hosts Configuration for more details.

Since work began on v8.0.0 Tigase has required that all changes to Tigase XMPP Server and dependencies be signed with known certificates. This version marks the first to be totally signed.

We have cleaned up installation methods for Tigase and now recommend the use of web-installer method. IzPack installer (files tigase-server-<version>-b<build>.jar installation methods have been removed and will no longer be produced for v8.0.0 and later. Manual installation is still available for those unable to use HTTP or browser access. Visit our Quick Start guide for instructions on these other methods.

Emojis are now supported on MySQL databases, however some settings may be need to be changed, although they won’t affect existing databases. Visit this section for details.

Tigase now supports XEP-0215 - External Service Discovery allowing Tigase to discover services that are not available VIA the XMPP Protocol. For setup and configuration information visit External Service Discovery Component documentation.

XEP-0313 - Message Archive Management is now supported by Tigase featuring custom enhancements like full-text search and searching by tags. MAM requires Tigase’s message archive to be enabled in the config.tdsl file, and the schema (XEP-0136 or XEP-0313) must be configured in session manager settings. To turn on MAM, see configuration guide located here.

XEP-0363 - HTTP File Upload is now supported using Tigase HTTP API component now allowing for a more robust one-to-many file uploading option. Configuration details are available at the HTTP File Upload Component section of documentation.

Tigase now uses bootstrapping to startup, which will load configuration from config.tdsl file like before. Then Tigase will begin it’s normal operations with the configuration options. All startup functions for Tigase will now run under the bootstrap bean.

XEP-0077 In band registration can use Data Forms as an option to process new registrations. Now you can secure these registrations by employing a CAPTCHA solution. By enabling this option you can reduce the number of potential spammers and bots on your server.

Now each component has it’s own schema for databases, they are no longer tied into Tigase XMPP server versions making changes and updates to individual components easier, and may not disrupt all users not using certain components. See the schema update section for more details.

Statistics history can now be automatically made smaller if a systems memory resources are above a certain amount. By default this is enabled and will trigger when over 95% of memory is in use. Half of all existing entries will be removed at this time. The same pattern will continue to halve the available records every time the threshold is met. A hard-set minimum of 5 entries is set, so you will always have the last 5 entries. This setting may be adjusted by adding the following setting to your config.tdsl file and adjusting the integer value:

stats() {
  'stats-high-memory-level' = 95
}

For any bean, you may enable statistics by using the following

bean (class) {
  statistics = true
}

Tigase XMPP Server v8.0.0 now includes some efforts to prevent spam bot accounts from running on servers.

'account-registration-email-validator'() {}

Before version 8.0.0, user passwords were stored in plaintext in the user_pw database field within tig_users table, but in plaintext. It was possible to enable storage of the MD5 hash of the password instead, however this limited authentication mechanism SASL PLAIN only. However an MD5 hash of a password is not really a secure method as it is possible to revert this mechanism using rainbow tables.

Therefore, we decided to change this and store only encrypted versions of a password in PBKDF2 form which can be easily used for SCRAM-SHA-1 authentication mechanism or SCRAM-SHA-256. SASL PLAIN mechanism can also use these encrypted passwords.

The storage of encrypted passwords is now enabled by default in v8.0.0 of Tigase.

Memory Buffer for TLS no longer remains at highest buffer size needed for the server session. Buffer will now free memory during idle connections. Thus drastically improving program footprint.

It’s now possible to establish connection faster due to implementation of XEP-0305: XMPP Quickstart (#1936). Feature is only available for c2s Connection Manager (i.e. connections on port 5222) and needs to be enabled in config.tdsl

c2s () {
    'pipelining' = true
}

Timestamps in database will be stored using UTC time.

Config-type is now configured using DSL format. Visit this section for more information. The names of different config-type properties have changed: default replaces --gen-config-def, --gen=config-all, and --gen-config-default configuration types. session-manager replaces --gen-config-sm. connection-managers replaces --gen-config-cs. component replaces --gen-config-comp. setup - is a new type of config created for initial configuration of Tigase XMPP Server.

It is now possible to set connection testing to databases when connections are idle and customize the frequency with which this is done. Visit this section for more details.

Packet statistics both retrieved VIA XMPP and during graceful shutdown have now been separated to a per-XMLNS basis. This may be disabled by adding the following line to config.tdsl file:

'detailed-other-statistics' = false

XEP states that Privacy lists should be used when no user session exists in addition to when there is. Previously, Tigase would only filter results when retrieving messages, allowing blocked users to store offline messages. This has now been changed to reflect the XEP properly, and messages will be filtered while there is no user session. If however, you wish to use the previous version, where offline messages are cached first and then filtered, you may use the following configuration:

'sess-man' {
    'jabber:iq:privacy' () {
        privacyListOfflineCache (active: true) {
          size = 20000
        }
    }
}

By default, the cache has a limit of 10000 entries, that may be set by using size bean as seen above.

New permissions have been added to ACL including DOMAIN_OWNER and DOMAIN_ADMIN to reduce permissions checking, and add another level of fine-grained permissions. For more details, please see Tigase ACL configuration for more details.

You can now skip the schema check phase for individual databases. To do this, add the following do the datasource configuration block:

DataSource () {
  default () {
    'schema-management' = false
  }
}

This will do the following:

Version 8.0.0 improves security by preventing brute-force attacks. Feature needs to be explicitly enabled and configured (on per VHost basis). Detailed configuration is described in the section called “Brute-force attack prevention” (#8160)