Disable user login from multiple devices at the sametime, in Ejabberd/XMPP

ejabberd create account
list users ejabberd
ejabberd 2
ejabberd debian
ejabberd ui
ejabberd windows configuration
exit ejabberd live
ejabberd customize

Environment:

Ejabberd Version : 16.04

Smack-android-4.1.0

I'm working on an Android chat application. Currently, same user credentials can be used login from multiple devices.

The current scenario is as follows:

1. User logs in into the app in device A
2. Using the same username and password, the user logs successfully into the app in device B
3. Now device A says, it is disconnected, but continue the chat in device B

However, according to the given requirement, it should behave like this:

1. User logs in into the app in device A
2. Using the same username and password, when the user tries to log in from device B, it should not allow it. 
(Since he is already logged in from device A)

Would be glad to hear your solutions/ideas on this. Thanks in advance.

So I managed to resolve the problem using the option resource_conflict

According to Ejabberd Configuring Docs

The option resource_conflict defines the action when a client attempts to login to an account with a resource that is already connected. The option syntax is:

resource_conflict: setresource|closenew|closeold: The possible values match exactly the three possibilities described in XMPP Core: section 7.7.2.2. The default value is closeold. If the client uses old Jabber Non-SASL authentication (XEP-0078), then this option is not respected, and the action performed is closeold.

So open ejabberd.yml and add the following line to that file.

resource_conflict: closenew 

Then restart the ejabberd server.

Now it will disallow the resource binding attempt of the newly connecting client and maintain the session of the currently connected client.

References:

  1. https://tools.ietf.org/html/rfc6120#section-7.7.2.2
  2. Read @rubycon's answer on this- https://stackoverflow.com/a/51860779/5361779

one account login from multi device same time · Issue #72 , Hi, I have setup a simple Ejabberd server, I try to disable one account login from If I use Jitsi login same account on two PC. they will be online and offline for Since XMPP was designed from the beginning to allow multiple  I have setup a simple Ejabberd server, I try to disable one account login from multi device at same time. I think maybe I can change configure file, then when one account from device A, will kick out this same account login from device B. I try set allow_multiple_connections to false for my host, but it not work. thanks in advance.

From XMPP spec:

"If there is already an active resource of the same name, the server MUST either (1) terminate the active resource and allow the newly-requested session, or (2) disallow the newly-requested session and maintain the active resource. Which of these the server does is up to the implementation, although it is RECOMMENDED to implement case #1."

More info here https://xmpp.org/rfcs/rfc3921.html#session

So your current scenario is a recommended one.

However, I have quickly checked for ejabberd src code and found it can be configured somehow (closeold -> closenew)

https://github.com/processone/ejabberd/blob/master/src/ejabberd_c2s.erl#L964

https://github.com/processone/ejabberd/blob/master/src/ejabberd_c2s.erl#L873

I'm not an Erlang specialist, but looks like it can be achieved by modifying the source code

Configuring ejabberd (Old document), Internal; External Script; Anonymous Login and SASL Anonymous; PAM This is to prevent messing up with your config file comments, syntax, etc. When managing several XMPP domains in a single instance, those domains are truly independent. Use this option when enabling options like starttls or tls in listeners  ejabberd. Score 1. Posts 6. xmpp. Score 1. 1 Disable user login from multiple devices at the sametime, user contributions licensed under cc by-sa 4.0 with

If device B sets as resource one different than device A, both can be connected to the same account correctly. In your tests, device B sets the exact same resource than device A, and then ejabberd kicks the older session.

I see there's an option to limit the number of sessions an account can have active in the server. The problem is that it kicks the older session, but you would like to disallow the new login. See https://docs.ejabberd.im/admin/configuration/#limiting-opened-sessions-with-acl

Configuring ejabberd, Here are the main entry points to learn more about ejabberd configuration. ejabberd is extremely powerful and can be configured in many ways with many  Disable "mod_carboncopy" [Optional] this module it self takes care of you have multiple devices logged under same XMPP account, that operator message sent from one device would be delivered to other devices logged under same XMPP account. This feature particullary couses issue in Monal application on Iphone and duplicates operators messages.

Xmpp server, Converse is a free and open-source XMPP chat client that runs in a web browser. that I need an external XMPP server if I would like to use it with mobile phones. The app supports SSL/TLS, multiple users and can be set to automatically start So far, I saw 3 main challengers : ejabberd openfire prosody I checked on  XMPP/Jabber allows you to use the same account and login from multiple devices at the same time. For example, you might have a client at home, one at work, and one on your mobile phone. Any one of them can be connected at once.

Team City - Connect and remove agents questions, Disable user login from multiple devices at the sametime, in Ejabberd/XMPP. Environment: Ejabberd Version : 16.04 Smack-android-4.1.0 I'm working on an  ejabberd supports managing several independent XMPP domains on a single ejabberd instance, using a feature called virtual hosting. The option hosts defines a list containing one or more domains that ejabberd will serve. Of course, the hosts list can contain just one domain if you do not want to host multiple XMPP domains on the same instance.

Conversations: the very last word in instant messaging, Conversations is a Jabber/XMPP client for Android 4.0+ smartphones that has read a message yourself you can simply disable that feature in the settings. at the same time, both your sent and received messages will show up on all devices​. you the flexibility to migrate your account between different XMPP providers. The configuration file will be loaded the first time you start ejabberd. The configuration file name MUST have “.yml” or “.yaml” extension. This helps ejabberd to differentiate between the new and legacy file formats (see section Legacy Configuration File). The configuration file is written in YAML.

Comments
  • Thank you @Rubycon your answer helped me to find an approach to resolve this problem.
  • @B378 great to hear it! You can mark this answer as correct then
  • Thanks, @Rubycon. However, it was resolved by updating the yml file as given in Ejabberd Configuring Docs, not the source code. Since it's different from this, I added the followed procedure as a separate answer.
  • I referred the given link and made the changes to the yml as given. However, it will not disallow the new login. It will enable the new login attempt and disable the previously logged-in session.
  • This is right. From XMPP spec: If there is already an active resource of the same name, the server MUST either (1) terminate the active resource and allow the newly-requested session, or (2) disallow the newly-requested session and maintain the active resource. Which of these the server does is up to the implementation, although it is RECOMMENDED to implement case #1. More info here xmpp.org/rfcs/rfc3921.html#session
  • So, above current scenario is RECOMMENDED scenario. I think you need to check for Ejabberd is it possible to switch to case #2.