May 2014

Uncontrolled Resource Consumption with Highly-Compressed XMPP messages

Multiple implementations of XMPP core protocol (RFC 6120) supporting stream compression (XEP-0138) suffer from uncontrolled resource consumption vulnerability (

Public XMPP Server Migration

Today we are beginning migration of our public XMPP servers.

Tigase XMPP Server 5.2.1 release

A maintenance version Tigase XMPP Server 5.2.1 has been released and it's available for download. As always - binaries are available for download in the files section on the project tracking system.

Tigase XMPP Server 5.2.0 final release

Finally Tigase XMPP Server 5.2.0, dubbed FTL - Faster Than Light, has landed in it's destination (that is our servers) and it's available for download. As always - binaries are available for download in the files section on the project tracking system. Sources are available in our code repository under the tag tigase-server-5.2.0 - tags/tigase-server-5.2.0. Maven artifacts have been deployed to our maven repository. To put a cherry on top we also run automated tests - successful results are available in our test page.

It could be expected that this version is not only blazing fast but is also packed with features - to recapitulate what has already been mentioned regarding 5.2.0 in previous posts   (Tigase XMPP Server 5.2.0 RC2, Tigase XMPP Server 5.2.0 RC1, Tigase XMPP Server 5.2.0 Beta3, Tigase XMPP Server 5.2.0 Beta2, Tigase XMPP Server 5.2.0 - FTL - Beta1):

Major additions to the Tigase XMPP Server in this release:

  • HTTP API with REST as the Tigase server component
  • Websocket support as a Tigase server connection manager
  • Message Archiving Component - XEP-0136
  • Socks5 Proxy Component with lots of interesting functions - RFC 1928
  • STUN Server Component - STUN
  • XEP-0198 - stream management extension with full support with ACK and Stream resumption. It is fresh but extensively tested already. If you do not have software to check it out or to test it, you can either use our JaXMPP2 client library which offers full support for the XEP or have a look at our Android client which can also make use of it.
  • XEP-0280 message carbons extension. Similarly to the above XEP full support for it is also included in our client side library and mobile messenger.
  • Tigase ACS - which includes main clustering strategy as well as MUC and PubSub cluster-enabled components! Those are not open source but we make them available for free for development and testing.
  • In addition to Derby, MySQL and Postresql Tigase now supports as well MS SQL Server.
  • Top notch improvements in security (v. Tigase XMPP Server - grade A software).
  • Inclusion of new PubSub 3.0.0 which features performance improvements due to reworked schema (v: PubSub database schema conversion),
  • Switched JDK compatibility to JDK7. Number of issues in Tigase server were related to bugs in JDK6 and patching them and creating workarounds was taking up resources. Therefore we decided to switch over to JDK7 which is now required minimal version.

Installing Minichat on your website

We have made Minichat available just to demonstrate new stuff we are working on, to do some tests and collect your opinions. The feedback we have got exceeded our expectations. The most common question was: Can I/how can I install it on my website? Installing the Minichat on your website is very simple so I am putting here instructions for all of you who want to include the Minichat client on your website and allow visitors to chat with you. Just to remind you - this code is still under development and will be updated and changed very often. It may even stop working temporarily or permanently. We can even intentionally block certain users or IP addresses if we discover any abuse. If you are ready for this and still want to have it continue reading...

Tigase Server, single machine - 109k authenticated connections

I had an opportunity to use 4 server like machines to do some load tests over the Tigase server. The Tigase server was installed on one of the boxes and the 3 others generated client connections and the traffic. As the subject says I achieved 109 707 authenticated connections before client software ran out of memory and the test finished. Here are some statistics taken at the end of the test:
Tigase Server version3.3.2-b883
Concurrent, authenticated connections109 707
Test total time2h 40min 43sec
Memory concumption2.1GB
CPU usage (2 cores)95%
Total number of XMPP packets processed during the test45 058 717
Average packets per second processed8.7k/sec
Average server response time263 millis
Environment configuration - Pentium(R) D CPU 3.00GHz Dual Core, 4(server)2(clients)GB RAM, 144GB SATA HDD, 64bit CentOS 5.1, Sun HotSpot(TM) 64-Bit Server VM (build 1.6.0_03-b05, mixed mode). Tigase Test Suite was used for generating user connections and the traffic. For more comments on these results please continue reading...

Tigase Server ver. 3.3.2

I am happy to announce that the new version of the Tigase Jabber/XMPP server is available for download. It's been about 5 months since the last release and indeed huge number of changes and improvements come with today's version 3.3.2. Here is a very brief list of changes:
  • Reduced resources consumption and improved performance.
  • New, smart caching system.
  • Bosh component is now stable and ready for production.
  • Dynamic rosters support added.
  • Configuration wizards on MS Windows through new initial property file which also supports parameter's types.
  • Improved support for multi-core and multi-cpu systems
  • MSN gateway (transport) available in tigase-extras based on excellent Java MSN Messenger Library.
  • SQL Server support added.
  • SSL certificates loading from PEM files available in tigase-extras
  • Many other minor changes, improvements and bug fixes....
I hope you like the new version and as usually all comments and suggestions are very welcomed. Also, as usually test results for the release are available on the test page. For more detailed information keep reading...

Tigase packages dependency change - server compilation version 4.x or later

The dependency for Tigase Utils Package has changed. This is important for everybody who builds the Tigase server manually from sources using Ant tool. The Maven handles all the dependencies automatically and scripts have been updated.

Please keep reading for more details how to compile the server from sources in current SVN repositories.

Tigase XMPP Testing Zone

We have just launched the Tigase XMPP testing zone. This is the Tigase server clustered installation with 2 nodes. The installation is integrated with the Drupal CMS.

At the moment it offers c2s, s2s and Bosh protocols. We are going to enable more services for testing soon: MUC, PubSub, MSN transport and possibly more.

Please feel free to create an account on the Drupal website and use it for testing of your software.

Note. The installation is available through rather average broadband connection and it is not suitable for any kind of load or high traffic tests.

As usually all comments and suggestions are very welcomed. If you have ideas to improve the installation and make it easier for your tests please let me know.

Tigase LiveCD 4.0.0

Kilka dni temu po cichu załadowałem plik tigase-livecd-4.0.0.iso do naszej sekcji plików. Pomimo że nie było żadnego ogłoszenia na ten temat licznik ściągnięć pokazuje 145 pobrań. Ciekawe czy zainteresowanie byłoby równie duże gdyby ludzie wiedzieli co ściągają... W każdym razie ten plik ISO jest pierwszym wydaniem "Tigase LiveCD". Jest to kompletne środowisko do uruchomienia z płyty CD zawierające skonfigurowane i automatycznie uruchamiane zintegrowane systemy XMPP (Jabber), E-Mail (poczty) na bazie serwera Dovecot oraz Blog i Forum na bazie systemu CMS Drupal. Przykladowy serwis WWW zawiera również Minichat. Całość została oparta o dystrybucję Gentoo Linux. Integracja w tym wypadku oznacza że wszystkie usługi korzystają ze wspólnej bazy danych zawierającej konta użytkowników. Zarządzanie kontami odbywa się poprzez serwis WWW oparty o Drupala. Integracja między serwisem WWW i XMPP jest nieco głębsza niż wspólna baza użytkowników. Możliwe jest również publikowanie krótkich wiadomości lub ogłoszeń bezpośrednio z klienta XMPP jak również nowe komentarze lub publikacje powodują wysłanie powiadomienia na konto XMPP. Dystrybucja zawiera również 2 pragramy klienckie do XMPP: Psi oraz Coccinella w najnowszych wersjach. No może Psi już nie jest w najnowszej wersji. Właśnie została opublikowana wersja 0.12. Wszystko zostało zainstalowane i skonfigurowane tak aby startowało automatycznie po uruchomieniu systemu z CD.


Get in touch

We provide software products, consulting and custom development services

Tigase, Inc.
100 Pine Street, Suite 1250
San Francisco, CA 94111, USA
Phone: (415) 315 9771

Follow us on:


Back to Top