Slashdot Mirror
Programming Jabber
Jabber was first conceived by Jeremie Miller (pic) in early 1998 in an effort to unify the disparate instant messaging networks. Instant Messaging networks rely on the network effect to gain and retain marketshare. The concept is the same when applied to any sort of participatory network whether it's a junk exchange, or content exchange, the value of the network increases with the square of the number of participants.
If this is true, then doesn't it follow that it is in the best interests of the IM networks to establish peering agreements with each other so that their users can directly contact users on other networks without having to install each client?
Hello, Jabber.
When I first picked up this book, I expected to understand the Jabber protocol in sufficient depth to implement my own IM client. Instead, the approach this book takes is that Jabber isn't just an XML-based protocol strictly for IM, rather it is a general purpose event notification protocol that has some very nice message routing and user management features built into it. While i was reading about the messages that Jabber has defined as part of the protocol, I could easily see other applications/devices generating Jabber messages to notify subscribers (either other systems, or people) of events.
Part 1 of the book focuses on getting you up to speed on the basics of Jabber technology: motivation, major features, XML protocol sample and compiling/configuring your own Jabber server. Chapter 2 presents the "10,000 foot view" of Jabber technology. In here you will find a sample client-query request/response flow with full HTTP headers, discussed step by step. The next two chapters are a very in-depth discussion of installing and configuring your own Jabber server. When you dive into a custom configuration of a fleet of Jabber servers (a "constellation" in Jabber terminology), it really starts to hit home that the real problem Jabber solves is far deeper than just IM.
From there, part 2 kicks off with a detailed discussion of the most basic building blocks of Jabber technology: resource identifiers, XML handling mechanism and the set of XML elements/attributes that make up the vocabulary of the Jabber protocol. Each element/attribute is presented with an annotated example and sample client/server interactions where appropriate. Examples can make or break a technical book, and these examples do a good job of illustrating how the element/attribute is used.
The following chapters take you through using standard Jabber features, user registration/authorization, messages, presence, groupchat, components and the event model to enable new applications. One very interesting application presented is enabling developers to receive CVS commit notifications via Jabber.
What's Bad?I know the /. community is suspicious of glowing book reviews where everything is wonderful and nothing could be done to improve the book, so I'll nitpick. My major problem with this book is that the overwhelming majority of the sample applications are written in PERL/TK. This isn't a problem in and of itself, but I'm not a PERL/TK developer. If I build a Jabber solution, it will be in java, so PERL/TK samples don't do me a lot of good. I think equal time should be given to implementing Jabber using the two most-used languages, as defined by the number and activity of open source projects using Jabber technology.
What's Good?This book covers everything relevant to Jabber technology, from lowest level inner workings and extensibility examples for developers to configuration and deployment for admins. Most of the book is spent looking directly at the Jabber XML protocol, instead of a specific API implementation. This way, the book covers the technology and doesn't get lost in how one particular API models the protocol.
So What's In It For Me?If you want to implement an inside-the-firewall IM solution for your company/group/tribe or investigate integrating event notification into an application, this is a great starting point. If you're just curious about Jabber and want to know how it works, then this will give you enough information to get you hooked.
Table of ContentsPART 1: Getting Started with Jabber
- Chapter 1. Introducing Jabber
- Chapter 2. Inside Jabber
- Chapter 3. Installing the Jabber Server
- Chapter 4. Server Architecture and Configuration
PART 2: Putting Jabber's Concepts to Work
- Chapter 5. Jabber Technology Basics
- Chapter 6. Jabber Namespaces
- Chapter 7. User Registration and Authorization
- Chapter 8. Using Messages and Presence
- Chapter 9. Groupchat, Components, and Event Models
- Chapter 10. Pointers for Further Development
Appendix A. The Jabber.xml Contents
Appendix B. The IQRPC Classes for JabberRPCResponder
Index
O'Reilly has posted other reviews of the book on their site. You can purchase Programming Jabber from bn.com. Want to see your own review here? Just read the book review guidelines, then use Slashdot's handy submission form.
machines and programs can use a general purpose communication system like this, with no human middleman required.
This is on of the hottest topic for the near-future computing world.
Anyway the SOAP (+WSDL+UDDI, ie: the Web Services) initiative seems much closer to be the real mover in this environment.
Interesting (but not suprisingly), XML is the basic enabling technology for all these efforts.
667 The Neighbour of the Beast
I got really excited about Jabber for the longest time. I'm sort of disappointed in it now, since it seems like they're still having problems connecting to AIM and ICQ. The AIM connection is the most vital for me, since our department uses AIM to send short quick messages to each other. Most of the people here are using AIM's own client, but I started to use Jabber so that I could talk to my friends on ICQ. (And promptly signed up for MSN and Yahoo, so I could catch everyone from everywhere.) Now I use Trillian, which only disappoints me by neither providing source code (which I only want for the principle of it) nor supporting Jabber itself (which does kind of bug me).
While on the topic of Jabber. Why not have the sendmail folks and the jabber folks get togethor and unite their work into a single project. Complete with admin tools so that once someone has a sendmail account on a Unix, they by default have a jabber IM account. It would go a long ways towards taking down AIM, MSN, and ICQ.
I've set up a Jabber box (an early 1.x release) and played about with it, and it was a *very* good experience. Everything worked as advertised. On the other hand, setting up Jabber with SSL was a confusing process without too much documentation and I eventually gave up. Since SSL is a must for `serious' Jabber use, has there been some progress made on making secure Jabber installations easy to achieve?
I read this book looking to use jabber for automated XML messaging and I'll have to say, it has a lot of nifty features that I'd love to use. Unfortunately, it's never getting deployed in my network. Why?
You can't cluster jabber servers. If the main jabber server goes down, you're hosed. In any application that's worth the effort to deploy, having such a single point of failure is a big problem. Additionally, I was kinda annoyed at how jabber leans so much towards instant messaging. I know, I know, that's what it was built for, but this book is trying to pass it off as an "XML messaging" tool, but it's properties often sway back to IM.
In conclusion, if you wanna fool around with a nifty IM robot that doesn't need to be relied on, jabber is a nifty tool. If you wanna do real XML messaging, try something like xmlblaster.
One thing that confuses me about Jabber is that
people seem to forget that good old SMTP solves many of the same problems, and in fact solves them better.
For example, many years of work have gone into making sure that email never gets lost. SMTP mailers just don't lose email anymore. Jabber messages, on the other hand, are not really reliable. If the user to whom you are targeting a message is not online, the server may queue the messages, but the policy is not clear as to how long they will be stored, or if the server is rquired to store them at all.
This makes me worry about the idea of using Jabber to build infrastructure where you
rely on messages to always be delivered.
It seems to me that many of the issues that Jabber
solves have been solved using existing
technology such as SMTP, and mailer and mailing list services built on top of it, like qmail, mailman, etc.
I've played around with the jabber module in Perl, which was pretty easy to use.
Jabber started to disappoint when they stopped supporting AIM/ICQ. I don't know if it's permanent, I don't actually know if it's still not supported. But, since AIM is what I have to use for work (otherwise, I would still just be using ICQ to talk to my friends), I needed something that could stay connected.
I use Trillian now. It still does ICQ/AIM as well as IRC/MSN/Y!, which is why I need something like this, but it doesn't provide source code (which I only really want for the principle of it) and it doesn't support Jabber's protocol. (They're talking about releasing an API for writing plugins. At least it's free (as in beer). (I've got a few of my coworkers switched from AIM to Trillian...) Hopefully Jabber will fix up the connectivity issues (or have ALREADY fixed them up.) gosh, I should download WinJab again and check.
I have a lot fo friends on different IM systems. Mostly it's AIM, but some on ICQ, Yahoo, and MSN. I use gabber as my primary linux IM client, and myJabber for windows.
Probably the best thing about gabber and myJabber is that they offer encryption. Both can connect to servers using SSL encryption, and gabber has the added bonus of being able to use GPG keys for one to one chats to particular users. This gives me a warm squishy feeling as I communicate over networks that I _know_ are being monitored. The SSL is very nice, because at least I know my communication between the server and myself is at least not totally trivial to break (yes, I know about ettercap). This appears to even affect my aim traffic, as the AIM transport on the server does the actual relaying of messages.
Jabber has a billion other things in it. You should really give it a shot.
-- Who is the bigger fool? The fool or the fool who follows him? --
The problems with proprietary IM networks come, precisely, from those networks' desire to remain proprietary. Witness the self-blocking efforts AOL, Microsoft, Yahoo and ICQ perform on each other, which, inevitably, hit free clients designed to connect to those networks. Jabber's transports are no exception; if AOL decides to block MSN Messenger by altering its protocol, we're gonna get hit too.
Jabber's ability to access other IM networks is to be seen as a "bonus feature", probably not the main reason to use Jabber. Jabber excels at letting an organization (not necessarily a company, but a group of individuals and/or machines) in need of communication, do just that, communicate, using well-documented protocols, Free software, and self-maintained infrastructure. Granted, maintaining a Jabber server is not too easy (but it's not impossible either), but the knowledge that you're not subject to the whims of AOL, Microsoft and whatnot, plus the sheer number of client software available to suit every user's needs (there's TONS of Jabber clients, I settled for Shaolo on Linux and JIM on Windows) make Jabber an intriguing option for those in need of serious communication.
I'm serious. IBM spent a ton of money building MQ-Series, which is a hideously complex messaging protocol for inter-and-intra systems communications in and between mainframe subsystems/LPARs and Unix systems (AIX mostly, since this is IBM, after all).
MQ-Series really is complicated, maybe over-complicated, to the point that IBM and customers even have "MQ-Series Specialists" on staff.
I'm not flaming IBM here (h*ll, I used to work for them, and they're a great company to work with), but they do have an unfortunate tendency to build overly complex systems where simpler ones might be a lot easier to use.
I've recently been involved in at least two large-scale projects involving developers in three countries, US, Singapore and India. The timescales were very small; we had to implement one of the systems within 48 hours. A huge coding effort it was, with rapid real-time changes to design specs.
/.-ter after all), I just can't de-emphasise how critical MSN Messenger was during development.
As much as I hate M$ (hey, I AM a
Only one problem though:- you'll need intense amounts of concentration to ignore junk messages from friends.
This is one place I'd focus on. You know, perhaps an avatar sort of thing; in your programming (work) avatar, you are online to only a certain people. In your chillout avatar, you are online to everyone. The programming avatar also could have an auto-message feature:- perhaps one that delivers a message to the tester once you finish coding a class or something.
Any open source Jabber-related projects out there working on this?
Jabber, AIM, MSN, and others use TCP. In fact, the only client I know of that ever used UDP was ICQ, but that was an older protocol that is no longer being used
I think his point was that Jabber is like UDP in that you aren't sure that any particular message will get through, but then you don't pay the overhead of making sure.
-- MarkusQ
Part of the problem stems from the fact that IM software addresses 2 applications at the same time, unnecessarily coupling the implementations. These problems could really be approached separately:
- Learn the IP address associated with a globally-unique username
- Send a text message to the interactive operator of a machine with an IP address
The first problem is the much more interesting one- Jabber & AIM already somewhat solve it, but in an unsatisfactory and poorly extensible way. Better solutions would be based on an extension to the normal DNS system- essentially, you want each human to have a resolvable domain name associated with her. With that in place, InstantMessaging is an easy problem.A person could try to implement "TCP over IM", but it would've been nicer if the systems had been designed for this from the start. Actually, there is a 3rd general-purpose facility that might be needed, for reasons of privacy. There should be a way to send a packet to a "resolvable human name", without knowing the IP address it currently maps through. The (trusted) central server will have to forward packets in both directions. (I think that's how AIM normally operates, except that it doesn't accept generic packets, only AIM-formatted messages).
However, that method doesn't uniformly improve privacy. While it does prevent other users from learning your IP address, it makes it much easier for AOL (or other central server operator) to spy on the contents of your discussions. (You should be using encryption, anyway).
I wish there was a way to find out who made a certain moderation, and send a guy named Guido to their house to find out why they did so. Preferably in one click.
Actually, I don't think N-Squared is exactly the right function- you're really looking for Metcalf's Law. It states that "The value of a product that interoperates with others of its own type increases as the product becomes more common". This applies to telephones, ethernet cards, internet accounts, and even software like Microsoft Word. It was put forth by the inventor of ethernet in his graduate thesis. For a long overview of the maths, seeo ry_gi lder.article
http://www.eff.org/Net_culture/ethernet_hist
PS. Some texts will print "Gate's Corrolary" beneath the entry for Metcalf's Law. "If the product is software controlled by a single provider, the provider can discontinue interoperability with prior versions to force all existing users to purchase new products, indefinately"
Trillian, OTOH, while it's a great program (I use it myself) is nothing more than a combined front-end client for the existing IM services. Trillian will not help you when you are in a situation where opening a hole in the firewall for IM traffic is just not feasible (assuming that your networked office has Internet access to begin with, and that is NOT a given in the health care field)
AveryZero
The book, from what I read of it (not 100% - maybe 60%) is handy, but didn't tell me much beyond the jabber documentation already out there.
What seems to be a huge issue for Jabber is user profile integration with databases. There seems to be an unsupported mysql hack, but the key is 'unsupported'. If you look in the Jabber mail list archives, every month there's people asking how to do it, but NEVER any answers.
Another great one that doesn't get answered - which the book doesn't address either - is the format of the user XML files. Each user by default has an XML file, and many people would like to create them programatically. There is no definitive resource which explains what's in a file and what isn't, and how to put one together. I've hacked something, and it works, but only after several attemps, and it doesn't *feel* good. I'm hesitant to try to add anything else lest I break what's working.
Jabber.com has a huge vested interest in keeping some of this stuff not in the public knowledgebase, because they charge (comparitively) a LOT of money for their stuff.
Last time I spoke with them the minimum to get started was $16,000. Their package offers a completely rewritten jabber server (better thread handling), Oracle and LDAP connectors, and a good Java applet client.
NO ONE in the open source community has even come close to having a Java applet client that is workable in a practical sense.
So yes, the protocol is open, and free, but there doesn't seem to be much consensus on tools, except from Jabber.com and they cost.
What I think Jabber as an open source project needs to focus on:
* XML user file definition and/or database support for user profiles
* Good applet client
:)
creation science book
I've always wondered why we don't just switch the internet over to IPv6 and give each human on the planet their own address.
Ergonomica Auctorita Illico!
Yeah I biffed the link. O'Reilly's web server is case sensitive so this:
h 05 . tml
h 05 . tml
http://www.oreilly.com/catalog/Jabber/chapter/c
is not the same as this:
http://www.oreilly.com/catalog/jabber/chapter/c
The correct link is the second one.
it's not going to stop until you wise up, no it's not going to stop. so just give up.
one for the main server
one specifically for AIM
one for ICQ
one for MSN
one for yahoo! IM
the four IM trasport servers have their own jabberd process. If a transport server dies (as they occasionally do), you can bring that server back up without affecting any other servers.
But you don't have to break up the servers this way. You could run multiple jabber servers, and place bandwidth restrictions on them so that when a jabber server got "full", it would stop receiving connections, so the jabber server above it in the chain would then forward it on to the next jabber server in the chain, or back up if it's out of children servers.
it's a relatively simple matter to setup an init.d script to monitor the health of all the processes, and restart them when and if they fail. I've been running a jabber server on one of our linux boxes for weeks now, and I haven't had to touch it once. I highly recommend jabber for intranets.
I've seen a lot of comments disliking the abundance of Perl/Tk usage in DJ's book. Recently Manning Publications released Instant Messaging in JAVA: The Jabber Protocols in print and ebook. It was written by Iain Shigeoka, and is ISBN 1-930110-46-4. It's a good read and goes over the creation of both a client and a basic server in Java, plus a good deal more.
It also contains the NYC Phonebook...
In 18-pt type.
My father is a blogger.
For the record, most of the clients there suck. That's not to say they're all bad, or cast aspersions on the authors. Most of them say 'beta' or 'alpha' or 'version 0.2' - things like that. *MOST* seem to be someone's idea of a programming exercise, and having to wade thru 3-4 clients before finding a decent one isn't a good use of most people's time.
:)
Gabber, GAIM and Everybuddy are fairly standard, but depending on what distro I'm using, they often crash. GAIM is most stable, usually. Having a perl command line client won't count as a 'prebuilt client' for most people. Likewise an Emacs client, while neato, won't cut it for most people used to AIM/Yahoo!. Konverse sounds nice, but I can't get it to run.
Under Windows, Winjab and myJabber seem the most solid/stable, but even they have problems. myJabber has some issue with futzing up if the person you're writing to has an 'away' responder on, and so on. There's so many little niggling things wrong with so many of the clients that it's frustrating to recommend this to people. AIM makes it look so damn simple.
creation science book
"I think equal time should be given to implementing Jabber using the two most-used languages, "
assembly and C?
The Kruger Dunning explains most post on
I beg to differ. I develop the AIM Transport. I've also worked on libfaim, and was around for the initial introduction of TOC. TOC looked promising despite it's odd ASCII protocol, but we continued work on OSCAR because TOC was considered a side project and not 100% supported by AOL. As luck would have it AOL has proved that decision to be wise many times. They have stopped work on TOC numerous times and have even removed features from it. OSCAR has continued to grow. When AOL started to try and block us (Jabber) we grew fairly confident that their changes were directed solely at Jabber. The blocks always happened after minute changes I made in the aim source specifically, and we were told so in an indirect way. Some ended up affecting other libfaim based projects such as Gaim. Until everything was figured out I was heavily considering a TOC implementation. The problem was that would have caused problems for other programs using TOC if they continued to actively target Jabber. I decided this type of behaivour would be unfair to the other projects, and it continues to allow them to always have a "pure" channel. In the end it has all worked out. We have fully figured out their attempted blocks and everything seems to be moving forward. There are specific IP blocks on some of the larger Jabber servers, but that's life.
Currently I'm actively working on the AIM-Transport (more information). and expect to put out a version 0.10 in not too long.
Problem Number One: The server sucks.
Feel free to write your own. The protocol is completely open and documented.
Problem Number Two: The gateways suck
Feel free to write your own. The Jabber protocol is completely open and documented. The other IM networks you'll have to reverse engineer for yourself. This is not a jabber problem.
Problem Number Four: It's not neccessary.
In this case, fax machines aren't necessary because we already have the post office. EMail isn't necessary because we have phones. Phones aren't necessary because we have the post office.
Ah the sweet smell of progress.
it's not going to stop until you wise up, no it's not going to stop. so just give up.
For the record, most of the clients there suck.
I agree wholeheartedly. When I went from Windows (ICQ99b) to Linux, I grabbed LICQ. Then when v5 ICQ protocol was being refused by the servers I went to Jabber and tried locating a client I could use that didn't pop up windows and didn't just have huge chat windows. In short, I wanted something light and fast and unobtrusive, like LICQ or the OLD Mirabilis client for Win32. I settled on Psi.
Psi is small, fast, cross-platform, simple and clean. I LOVE this client. I would strongly urge everyone who is using this client to send Justin a few dollars through his PayPal account to keep him actively developing his client. He responds to bug reports, accepts patches and tries to include feature requests. Open Source done right, I tell you.
I'd mod you as flamebait, but it looks like someone else already did. Quit spewing FUD.
I've set up a Jabber server over 6 months ago and I'm using a client called Psi. I regularly connect to the MSN and ICQ networks through my server. I have not experienced one problem, much less the disaster you predict.
I prefer Jabber to the mess of carrying a cellphone, pager, checking email and the office phone. Yes I have them all but I only carry the cel/pager when necessary. I tell people to use Jabber or email if the need to get in touch with me, since telco charges are expensive and I'm not likely to be at the office anyway. My email client isn't always open but my IM is. Jabber is excellent for tying things together.
In a similar vein, if someone were to suggest to me firing anyone who suggested Jabber I'd end up firing them for being so small-minded. I've far less use for a person who won't consider new technologies than someone who is constantly on the lookout for the next best thing. Then again I'm the network admin for this company, so what do I know?
The Jabber system depends on the routing of messages -- more or less the same way SMTP works, users are identified by a flexible user@host path syntax, except Jabber doesn't (afaik!) have the equivalent of the MX name server record. When I send a message to bob@snarkfimblepooh.com, it first goes to my own Jabber server, byzantine.no, which forwards it to snarkfimblepooh.com. A message can be forwarded multiple times if multiple layers of servers are involved, such as with external/internal servers or gateways. Jabber can be gatewayed to/from SMTP and other systems, indeed a lot of people, me included, use Jabber to access the AIM, ICQ, MSN and Yahoo! networks.
There is no central/global user name space because it is unnecessarily complex. It's a decentralized system that does separate the two concerns you list.
just yesterday the security bigwigs at the corp i work at sent down a draconian letter about instant messenger programs wasting bandwidth, and more importantly, exposing proprietary information on the internet.
A little over a year ago instant messenger clients were banned "without specific authorization" and were heavily used contraband. Now MSN Messenger is a vital part (and defacto standard) of corporate communications. Unfortunately there is a lot of productivity lost from A) Microsoft's shitty network that doesn't deliver near as many messages as you'd expect, and fails to report errors... and B) lots of information that is generated in impromptu conversations and lost when the chat is done. Then there is also C) the waste of bandwidth and D) the security and privacy issues.
Back in the contraband days I whipped up a quick VB program for our group, and was in the process of converting it to a java applet with direct socket layer communication when MSN Messenger was finally let in.
When the new email came down, I quickly responded with a link to imici.com for a solution and then threw in jabber.org and mentioned it as a free alternative. Any one of the above reasons (A-D) is enough to switch, but maybe not enough to overcome the inertia of MSN un-emoticons.
Jabber is a PROTOCOL, not an instant messenger
I've often wondered if Jabber should be renamed to something else to avoid the confusion. Currently when most people hear the term, they probably think of JIM (a client) or Jabber Inc. (a company that makes a server).
In a recent JSF conference meeting, someone brought up the idea of changing the protocol name to XMPP (eXtensible Messaging and Presence Protocol). I doubt it would ever happen, but something to think about.
Yeah. Just like the server for the web. What's that you say? There are different servers for the web? Ah, must be like Jabber. There's a nice open source jabberd, a commercial Jabber server, one integrated into Oracle, and hey, look! An RFC for standards, just like the web.
But the web, as a concept, sucks because "the web server sucks".
Problem Number Two: The gateways suck.
I must say, I've only been using Jabber for a few weeks, but the gateways on the server I use (charente.de) seem to be perfectly stable. I have greater uptime than Trillian users, and the one time I thought the AIM gateway had problems, two users using the "real" windows AIM client were also booted. I'd say the gateways are at least as stable as the servers themselves.
Additionally, you'll find that the jabber gateways can't block senders, so remember that psychopath who is suing the company and you don't want to even know if he's trying to contact you? Too fucking bad, suddenly his messages pop right up.
Um. No. Incorrect. You can block messages, or you can use advanced presence to appear logged off to certain users or all users. Your perception of that incorrect "fact" leads us to...
Problem Number Three: The client sucks.
The client. *The* client. Ya know, the client for the web sucks too. I wish there was some choice in the matter. Unfortunatly, Mosaic keep screashing on me, and I can't get it to use Java. (You do realize that there are a dozen or more clients to choose from, yes?)
Problem Number Four: It's not neccessary.
I'll agree with you there. However, it's a unifying messaging protocol that binds together eveything from SMS to email to AIM to server alerts with intelligent routing, prioritizing and placing it into very scriptable XML documents.
Everybody already has a desk phone, a cell phone and email. Many people also have pagers, wireless email and such. The problem isn't a lack of methods with which to communicate. Adding jabber will not make your company more competitive, reduce costs, improve communication or improve morale.
Ah, but the idea behind Jabber is to unify all those things. To provide a standard of messaging, so you don't have to check 3 voice mail boxes, 6 text interfaces (email, pager, SMS phone, AIM, intranet), and so on - plus you don't have to worry about numbers or addresses changing. You can globally manage all your communications, and use a single check point, and hopefully eventually wean down your contact points at your lesure.
--
Evan The moral of the story? Shoot anybody who uses jabber, and you'll save yourself a lot of trouble in the long run.
"$30 for the One True Ring. $10 each additional ring!" -- JRR "Bob" Tolkien