How to use Java GAE with an external jabber server like Openfire? Any guide?
That depends on what you mean by "use with". If you want to send messages to an external server and receive messages from it, you can do that just fine by setting up federation the usual way. If you want some other form of interaction, you're out of luck - App Engine doesn't use XMPP as a client, but is instead tightly integrated with the server.
Related
I am new to web development, and have seen posts such as these . If one is using AWS and is connecting to an AWS rds instance through Node, is that still considered a direct connection as opposed to a web service?
You're probably going to get a bunch of conflicting opinions on this. My personal opinion is a web service in front of your database makes sense in some scenarios. Multiple applications connecting to the web service instead of directly to the db gives several advantages, security, caching, etc.
That being said, if this is just a single app then most of those advantages disappear and in fact just make things more complex for you. You're going to have to setup your web service for the db as well as your actual code.
If one is using AWS and is connecting to an AWS rds instance through Node, is that still considered a direct connection as opposed to a web service?
No, if Node.js is running on a server or in "serverless" containers (e.g. AWS Lambda) that is not a direct connection. That is a web service, and that's what you want.
A direct connection means the app connects to the database itself... but that requires embedding credentials in the app.
You do not want to embed anything in your app that you would not willingly hand over to an arbitrary user -- such as database credentials and API keys -- because you cannot trust that the app won't be reverse-engineered.
You should design the app in such a way that you would have no security concerns if the entire source code of the app were exposed, because knowing everything about the app's internals would give a malicious actor no valuable information. How? The code on the server side (e.g. in Node.js) should treat every request from the app as potentially suspicious, untrustworthy, etc., and validates every request to do anything.
This layer of separation is one of the strongest reasons why you never give the app direct access to the database. Code running in a trusted place -- your web server/API layer -- needs to vet every database interaction. This topology also decouples the app user from tying up resources on the database server when not actually interacting with the database, which is far less practical with a direct connection.
From looking at App Engine's XMPP docs at https://cloud.google.com/appengine/docs/go/xmpp/
It seems that Google only offers a client to be hosted on appengine, but not the XMPP server itself. For that, one needs to use a different host (such as GTalk)
Am I understanding this correctly?
If so- does that mean I must host my own xmpp server (ejabbered) if I want on-the-fly session-based clients?
If that is also true- then is there a mechanism in ejabbered for lightweight session-based clients? (i.e. many to be quickly created and destroyed- only needs to respond to presence requests for the duration of the session, will never be used again)
Is there a stable, scalable host out there that can do this for me so I don't need to worry about the ejabbered server going down (whether it's hosted on AWS,GCE, etc. the beauty of AppEngine so far was I never had to worry about that)
Thanks!
To address your questions:
Am I understanding this correctly?
You use to have to use Google Talk XMPP service, but I guess, yes, now you need to deploy your own server.
If so- does that mean I must host my own xmpp server (ejabbered) if I want on-the-fly session-based clients?
Not sure what "on-the-fly" session means, but yes, it seems you need your own server.
If that is also true- then is there a mechanism in ejabbered for lightweight session-based clients? (i.e. many to be quickly created and destroyed- only needs to respond to presence requests for the duration of the session, will never be used again)
Not sure what you mean by this. XMPP is a connected protocol. It means the session is linked to having a TCP connection opened. That said, ejabberd SaaS allows to maintain the session for a while if you do lose the connection (designed for mobile). You can simply reattach to it.
And by the way: In XMPP, you do not "respond to presence request". This is the reverse: Your presence is broadcasted to your contact (roster)
Is there a stable, scalable host out there that can do this for me so I don't need to worry about the ejabbered server going down (whether it's hosted on AWS,GCE, etc. the beauty of AppEngine so far was I never had to worry about that)
The easiest (and arguably cheapest) way to use ejabberd is to use ejabberd SaaS, managed by ProcessOne, developer of ejabberd (I am developer of ejabberd and founder of ProcessOne).
Could someone please explain to me in a simple way, what is a web service?
Please correct me if I'm wrong. I have a DB hosted somewhere in the web, and I want to perform DB transactions from a desktop application as well as a mobile application. Can this be done through a web service ? Someone mentioned it to me and I wanted to make sure this could happen.
Here's a good explanation on Wikipedia.
A middle dynamic content processing and generation level application server, for example Ruby on Rails, Java EE, ASP.NET, PHP, ColdFusion platform
The middle tier of a 3-tier application is often the web service
i want to perform DB transactions from a desktop application and a mobile application, can this be done through a web service ?
This is Exactly what a web service is for.
A web service allow you to create multiple front ends if needed, and serve your database data to all of those front ends. You can also open up the API and allow third party developers to access the web service and thereby access the data of your application in a controlled environment.
It's considered a better practice for larger applications to access a web service or a middle tier rather than directly access the database.
In your case, a web service would involve setting up your DB behind a web server that listens for incoming requests, performs the appropriate DB operations, and returns whatever data is appropriate. Then, your desktop and mobile applications could send a http request and the DB would respond appropriately. This would let all your applications access the same DB.
Google App Engine currently limits you to 2,000 emails per day (for free) via their API.
I am trying to find a definitive answer if it is possible to use a third-party system if you need to send more. I know that they disallow raw sockets, so I would assume that there might be trouble with this approach... but surely I'm not the first to see it.
Worst case, I can build a simple offsite web service that my GAE can call... but I'd much rather just be able to send directly through an SMTP server.
Thanks!
Nope.
You're correct: you cannot make raw socket requests, nor any other direct outbound requests except through the urlfetch API. To talk to an external SMTP server, you would need to use a webservice as a proxy.
We use the Postmark mail outsourcing service via the hutools.postmark API. Since the communication is HTTP based, it works like a charm on Google AppEngine. This might be an option for you, although it is also a for-pay service. We use it to get arround GAEs sender restrictions.
I've successfully used third party providers for email services with Google App Engine. I've used both SendGrid and MailGun using their HTTP-API.
App Engine only allows you to use these formats for XMPP addresses:
app-id#appspot.com
anything#app-id.appspotchat.com
Is there be a way to configure a custom domain so that it forwards XMPP messages to one of these address formats.
For example, if my domain is called myxmpp.com, I could give that out to users as my application's JID and then forward any user chat messages received there directly to myxmpp#appspot.com (assuming myxmpp is the app-id)?
I'm fairly sure that, to do this, you would need a custom XMPP server serving for your domain. I'm also fairly sure that you'd have to write said server yourself.
This site http://www.prosody.im/doc/dns explains what you need to configure in your DNS to do this.