I'm working on a project where we need to implement a chat system with a (kinda) social network. and We opted to use Ejabberd ( any other suggestions ? ).
Thanks :)
How can we prevent third party xmpp clients from connecting to the server ?
Some ideas:
Filter connections from IP Address, if they should come only from a small range that you already know. See ip ACL in https://docs.ejabberd.im/admin/configuration/basic/#acl-definition
Modify an existing auth mechanism in ejabberd in a way that only your client knows how to get accepted by ejabberd. Of course, somebody could reverse-engineer your secret method and write an alternative client.
When it comes to permissions of who can message who, do we need to create our custom Ejabberd module ?
Some ideas, maybe you can adapt your requirements to use one of them:
mod_isolation: acts at the vhost level https://github.com/processone/ejabberd-contrib/tree/master/mod_isolation
mod_filter: acts at the ACL level. https://github.com/processone/ejabberd-contrib/tree/master/mod_filter
And probably the best one: set mod_roster->access to not allow users modifying their rosters. Then set mod_block_strangers to only allow people communicate with people in their rosters. And finally populate the rosters with the desired contacts (for that you can use push_roster_all or whatever command that make your live easier)