[ejabberd] How to log into admin page

Konstantin Khomoutov flatworm at users.sourceforge.net
Sun Mar 16 20:16:45 MSK 2014


On Sun, 16 Mar 2014 11:16:59 -0400
"Yves S. Garret" <yoursurrogategod at gmail.com> wrote:

> > > How can I log into my admin ejabberd page?  Which file contains
> > > the password (or at least somewhere that I can change this)?
> >
> > You log in into the ejabberd web interface using a regular user
> > known to ejabberd, using its bare JID and the matching password;
> > for this to succeed, that user must be listed in the "admin" access
> > control list.
> >
> > Say, if you have a user yves at domain.local, and it's added to the
> > access control list named "admin" in the ejabberd configuration
> > file (or through the web admin form or by using some other means),
> > you navigate to the web admin URL and when the authentication
> > dialog pops up, you enter here "yves at domain.local" in the "login"
> > entry field and the matching password in the password entry.
> >
> > Note that there inherently exists a "chicken-and-egg" problem: to
> > add more admins via the web interface you have to already have at
> > least one of them.  So it's customary to first add at least one
> > admin directly into the ejabberd's configuration file to
> > "bootstrap" the whole thing. This admin is then able to log into
> > the web interface and add other admins there, if needed.
> >
[...]
> I followed this tutorial on installng ejabberd (I'm running
> ArchLinux, not Ubuntu, so some paths are different):
> http://www.linuxsnap.com/how-to-install-and-configure-ejabberd-on-ubuntu-server/
> 
> After running this command (and checking that I have ejabberd running
> as a process):
> ejabberdctl register ejabberd localhost 12345678
> 
> Afterwards, I went to localhost:5280/admin, expecting some sort of
> login, but found none of that.  Is there some other process that I
> need to run as well?

Well, the first thing I have to say is that I have *no* experience with
configuring these new series of ejabberd 13.XY (or whatever), I'm only
familiar with 2.1.X (and older), so I will assume that's what you have
installed.

The idea is that web administration might be needed to be explicitly
enabled for the ejabberd's HTTP listener as this listener might be used
for other tasks (such as HTTP polling and/or access using the BOSH
protocol).  To enable web administration module, you'll have to include
the `web_admin` atom into the list of options for the `ejabberd_http`
listener, like this:

  {5280, ejabberd_http, [web_admin]},

Note that you might want to 1) leave that port 5280 for HTTP poll and
BOSH access, and 2) set up a dedicated port for web administration
interface while enabling TLS to protect it.  This could be done by
adding another listener so that your config looks something like this:

  {5280, ejabberd_http, [http_poll]},
  {5270, ejabberd_http, [web_admin, tls, {certfile,
    "/etc/ejabberd/ejabberd.pem"}]},

Here we leave 5280 to HTTP poll and set up 5270 as web_admin
port only, protected using TLS with the specified server's certificate.
Note that should you configure things this way you'll obviously need
to specify that specific port in the URL when attempting to use the
web administration interface, like in

  https://server.domain.local:5270/admin/

Hope this helps.


More information about the ejabberd mailing list