restxmppopenfire

Can I move OpenFire REST PORT away from Admin port?


I'm accessing my Openfire server from a separate device.

But, after a couple of hours of battling, I realised I had to open the Admin port for external access, since the REST API shares it.

I realise that the REST API allows for a third party to make extensive modifications to an Openfire instance, but it still seems a lot less damaging than access to the Admin console.

I'd like avoid opening the admin console to external access, if possible.

Is there a way of moving the Openfire REST API to another port?


Solution

  • This is currently not possible. The functionality provided by the REST API for Openfire is considered 'administrative', and is thus should, largely, be treated with the same authorization/authentication considerations as the admin console.

    The desire to be able to apply a more specialized set of conditions to authentication/authorization is valid, but is currently simply unsupported. An issue has been filed a while ago to improve this. You can find that issue here: https://github.com/igniterealtime/openfire-restAPI-plugin/issues/177