[ejabberd] Access problem

Olivier BATARD obatard at gmail.com
Tue May 22 14:55:50 MSD 2007


I try to setup ejabberd on debian sid. I've installed ejabberd 1.1.3_1 with
the linux installer of process one. During the setup, I give :

- admin as admin user
- mypass as password
- Debian as domain.

Installation is ok. Starting is ok. But when I'm trying to register :

$ ./ejabberdctl register moi Debian password

Can't register user "moi at Debian" at node ejabberd at localhost: not_allowed

This is my ejabberd.cfg :

% $Id: $


% Users that have admin access.  Add line like one of the following after
% will be successfully registered on server to get admin access:
{acl, admin, {user, "admin", "Debian"}}.

% Blocked users:
%{acl, blocked, {user, "test"}}.

% Local users:
{acl, local, {user_regexp, ""}}.

% Another examples of ACLs:
%{acl, jabberorg, {server, "jabber.org"}}.
%{acl, aleksey, {user, "aleksey", "jabber.ru"}}.
%{acl, test, {user_regexp, "^test"}}.
%{acl, test, {user_glob, "test*"}}.

% Everybody can create pubsub nodes
{access, pubsub_createnode, [{allow, all}]}.

% Only admins can use configuration interface:
{access, configure, [{allow, admin}]}.

% Every username can be registered via in-band registration:
% You could replace {allow, all} with {deny, all} to prevent user from using
% in-band registration
{access, register, [{allow, all}]}.

% After successful registration user will get message with following subject
% and body:
% {"Welcome!",
%  "Welcome to Instant Messaging server localhost. "
%  "For information about ejabberd visit http://www.process-one.net/"}}.
% Replace them with 'none' if you don't want to send such message:
{welcome_message, none}.

% List of people who will get notifications about registered users
%{registration_watchers, ["admin1 at Debian",
%                         "admin2 at Debian"]}.

% Only admins can send announcement messages:
{access, announce, [{allow, admin}]}.

% Only non-blocked users can use c2s connections:
{access, c2s, [{deny, blocked},
           {allow, all}]}.

% Set shaper with name "normal" to limit traffic speed to 1000B/s
{shaper, normal, {maxrate, 1000}}.

% Set shaper with name "fast" to limit traffic speed to 50000B/s
{shaper, fast, {maxrate, 50000}}.

% For all users except admins used "normal" shaper
{access, c2s_shaper, [{none, admin},
              {normal, all}]}.

% For all S2S connections used "fast" shaper
{access, s2s_shaper, [{fast, all}]}.

% Admins of this server are also admins of MUC service:
{access, muc_admin, [{allow, admin}]}.

% All users are allowed to use MUC service:
{access, muc, [{allow, all}]}.

% This rule allows access only for local users:
{access, local, [{allow, local}]}.

% Authentication method.  If you want to use internal user base, then use
% this line:
{auth_method, internal}.

% For LDAP authentication use these lines instead of above one:
%{auth_method, ldap}.
%{ldap_servers, ["Debian"]}.    % List of LDAP servers
%{ldap_uidattr, "uid"}.            % LDAP attribute that holds user ID
%{ldap_base, "dc=example,dc=com"}. % Search base of LDAP directory
%{ldap_rootdn, "dc=example,dc=com"}. % LDAP manager
%{ldap_password, "******"}. % Password to LDAP manager

% For authentication via external script use the following:
%{auth_method, external}.
%{extauth_program, "/path/to/authentication/script"}.

% For authentication via ODBC use the following:
%{auth_method, odbc}.
%{odbc_server, "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"}.

% Host name:
{hosts, ["Debian"]}.

%% Define the maximum number of time a single user is allowed to connect:
{max_user_sessions, 10}.

%% Anonymous login support:
%%  auth_method: anonymous
%%  anonymous_protocol: sasl_anon|login_anon|both
%%  allow_multiple_connections: true|false
%%{host_config, "public.example.org", [{auth_method, anonymous},
%%                                     {allow_multiple_connections, false},
%%                                     {anonymous_protocol, sasl_anon}]}.
%% To use both anonymous and internal authentication:
%%{host_config, "public.example.org", [{auth_method, [anonymous,

% Default language for server messages
% TODO: Use installer selection
{language, "en"}.

% Listened ports:
{listen, [
      {5222, ejabberd_c2s, [{access, c2s}, {max_stanza_size, 65536},
{shaper, c2s_shaper}]},
      %% Use this line to enable SSL:
      %%{5223, ejabberd_c2s,     [{access, c2s}, {max_stanza_size, 65536},
tls, {certfile, "/usr/local/ejabberd/conf/server.pem"}]},
      %% Use those lines instead for TLS support:
      %%{5222, ejabberd_c2s,     [{access, c2s}, {shaper, c2s_shaper},
starttls, {certfile, "/usr/local/ejabberd/conf/server.pem"}]},
      %%{5223, ejabberd_c2s,     [{access, c2s}, tls, {certfile,

      %% Remove this line if you want to prevent s2s connections:
      {5269, ejabberd_s2s_in,  [{shaper, s2s_shaper}, {max_stanza_size,

      %% remove http_poll to remove support for http polling
      %% remove web_admin to disable admin interface:
      {5280, ejabberd_http,    [http_poll, web_admin]}
      %% This is an example on how to define an external service/transport:
      %%{8888, ejabberd_service, [{access, all},
      %%        {hosts, ["icq.Debian", "sms.Debian"],
      %%        [{password, "secret"}]}]}

% If SRV lookup fails, then port 5269 is used to communicate with remote
{outgoing_s2s_port, 5269}.

% Used modules:
  {mod_register,   [{access, register}]},
  {mod_roster,     []},
  {mod_privacy,    []},
  {mod_adhoc,      []},
  {mod_configure,  []}, % Depends on mod_adhoc
  {mod_configure2, []},
  {mod_disco,      []},
  {mod_stats,      []},
  {mod_vcard,      []},
  {mod_offline,    []},
  {mod_announce,   [{access, announce}]}, % Depends on mod_adhoc
  {mod_echo,       [{host, "echo.Debian"}]},
  {mod_private,    []},
  {mod_irc,        []},
% Default options for mod_muc:
%   host: "conference." ++ ?MYNAME
%   access: all
%   access_create: all
%   access_admin: none (only room creator has owner privileges)
  {mod_muc,        [{access, muc}, {access_create, muc}, {access_admin,
%  {mod_muc_log,    []},
%  {mod_shared_roster, []},
  {mod_pubsub,     [{access_createnode, pubsub_createnode}]},
  {mod_time,       []},
  {mod_last,       []},
%  {mod_xmlrpc,[{port, 4560},{timeout, 5000}]},
  {mod_version,    []}

% Local Variables:
% mode: erlang
% End:

I can't login to admin web page too.

I've read carefully the process one doc, the faq and forum, no success.

Thanks for your help !

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jabber.ru/pipermail/ejabberd/attachments/20070522/07be939d/attachment.htm 

More information about the ejabberd mailing list