Lock IT Down: Control IM risks by embedding chat in your intranet

If you must use IM in your organization, these tips make it safe

Inside many shops, instant messaging (IM) has become a communication method of choice for employees. But using IM can generate problems including the spread of viruses and spam. You can avoid many of the problems associated with IM by using embedded chat clients running on non-standard ports.

In this Daily Feature, I am going to illustrate how to install and embed chat_everywhere, a Java chat application, into an existing intranet. With this tool in place, employees will be able to quickly communicate from within the corporate Web framework as if they were using instant messaging software.

What's needed
There are two applications that must be installed: the server and the client. The latter label is somewhat deceiving because there is not a “client” to install on every machine to connect to the server. Instead there are a few client files that must be copied to the Web server’s root directory (more on this later).

The requirements for the chat server are simple. There are no special libraries to install. It must be located in a readable directory (such as /var/www/html/), and it must be installed on a server running Apache.

Remember, there are two installations that are necessary for this application. The first is the chat_everywhere-server. The second is the chat_everywhere-client. Download both and save them in the server’s /usr/local/src directory.

Install the server and client software
As root, change to the download directory using the cd /usr/local/src command. Begin the server installation by unpacking the server file using the command tar -xvzf chat_everywhere-0.0.12a.tar.gz. Change to the newly created directory, chat_everywhere-0.0.12a, and issue the command ./configure ; make ; make install. Although this command looks like one long command, it is actually three commands strung together, each running only if the prior command succeeds.

When the three installation commands complete, an executable binary file, chat_server, will be copied into /usr/local/sbin. The chat server is started from this directory. But before the chat server is started, the client files must be copied into the proper directory.

Change back to the /usr/local/src directory using the command cd .. (there are two 'dots' after cd). Unpack the client file using the command tar xvzf chat_everwhere-client-java-0.0.12a.tar.gz into a new directory titled chat_everwhere-client-java-0.0.12a. The only installation necessary here is to copy the two .class files into the Apache Web tree (such as /var/www/html) and copy one of the sample chat files.

Each of the sample chat files serves as both a means for the user to enter the chat room (without using the clunkier Java interface) and for the configuration of the chat applet itself (more on that later). There are four different chat files from which to choose. The simplest file, chat.html,  is located in the base directory of the client installation (chat_everywhere-client-java-0.0.12a).  In the chat_everywhere-client-java-0.0.12a/contrib  directory, there are three other sample chat files to use. They are:
  • ·        chat.cgi
    Uses cgi to accept user input
  • ·        chat.php
    Uses php to accept user input
  • ·        chat.html
    Uses standard html to accept user input (note: this is not the same as the chat.html file found in the base directory that is created when the client application is unpacked)

The main difference between the above scripts and the default chat.html file is that the scripts allow you to embed the login field into your current Web site, whereas the Java applet login will not. This text field passes the nick parameter on to the chat_everywhere server.

The nick parameter is the parameter that is used to take user input and pass that input to the server. As the name implies, nick is used for nicknames.

If you choose the default chat.html script, the users will be directed immediately to the Java applet where they will enter their nick and log on. This function logs the user in the same way as the chat.cgi,chat.php, and chat.html scripts do, only it is not as flexible.

Configure the server
A required chat_server daemon configuration file is created in /usr/local/etc/  upon installation.It is  called chat.conf.sample. Log in as root and rename and copy this file to /etc/ using the command cp /usr/local/etc/chat.conf.sample /etc/chat.conf.

There are a few chat.conf. options that must be configured in the chat.conf file. The minimum required options are:
  • ·        AdminEmail
    The administrator's e-mail address
  • ·        OpPass
    Password for level nine access (administrator)
  • ·        ServerPort
    Configure the port to use for the chat server (default is 5656)

That's it for the main server configuration.

Configure the chat environment
Few changes can be made to the actual chat room aesthetics. Primary configurations that can be changed are the MOTD (message of the day) and use of colors. The MOTD configuration relies on the chat.motd file and must be located in the same directory as the chat.html  (or chat.php or chat.cgi) file. The chat.motd  file contains any information that you wish the users to know as well as any escape sequences that can pull information from various sources. The available escape sequences are:
  • ·        %E
    Displays the e-mail address of the administrator
  • ·        %L
    Displays the local host name
  • ·        %M
    Displays the maximum users allowed
  • ·        %N
    Displays the current users
  • ·        %R
    Displays remote host name
  • ·        %T
    Displays local time

To use the escape sequences, add them in your chat.motd  text as in: You are user %N of %M users.

The colors and the size of the applet can be defined in the chat.html file. The definitions are configured in the <applet code= >  tag of the chat.html file. There are four areas where color can be defined:
  • ·        BgColor
    Configures the main background color of the applet
  • ·        UsersBgColor
    Configures the background color of the user listing area
  • ·        InputBgColor
    Configures the background color of the text input area
  • ·        TextBgColor
    Configures the background color of the discussion area

You can configure the text color by substituting Fg for Bg (in the above area names), as in FgColor  for BgColor. To configure the main background of the applet to be black (hex equivalent #000000), the main text to be white (hex equivalent #FFFFFF), and the size (of the chat window) to be 440 by 300, the <applet code= > entry would look like Listing A.

Start the server
The next step is to start the chat server. There are two methods of starting any daemon process: manual and automatic. To manually start the chat_everywhere server use the command /usr/local/sbin/chat_server -b -c /etc/chat.conf (the -b switch tells the server to run in as a daemon, and the -c switch dictates what configuration file to use).

Unless you want to have to restart the chat server every time a reboot occurs, it would be best to add the above command to the end of the /etc/rc.d/rc.local  file.

Embed the applet
One of the better features of this simple chat application is its ease of working within your current framework. With the help of the <iframe>  tag, it is possible to embed the chat applet into your existing Web site’s framework. From within the page where the chat applet needs to appear, add the text shown in Listing B.

Connect to the chat
When users need to make a connection to the chat application, they need only to point a Java-enabled browser to http://chat_server_address/chat.html  (where chat_server_address is the URL or IP address of the chat server and where chat.html  is the chat  file used - chat.html, chat.php, or chat.cgi).

When the browser connects to the chat applet, the users will enter a nickname and press enter to join the chat. The nickname can be any combination of alphanumeric characters (with a maximum of 14 characters and no spaces allowed). If the user enters a nickname that is already being used, they will be instructed to enter a new nickname.

Issues of note
The chat_everywhere application is a nimble solution for a company needing instant messaging communication, but the app has a few quirks.

The first quirk I discovered was learning how to log on with administrator privileges. Because this issue is not addressed in chat_everywhere's documentation, it took me a while to realize that chat_everywhere can accept standard IRC commands. For example, if you want to take advantage of the administrator rights for the chat, a specific user cannot be configured to permanently act as administrator. An administrator must be promoted with the proper command. To promote your user to administrator, enter the /op password  (where password  is the password configured in /etc/chat.conf). With administrator permissions a user can boot users from a chat, as well as ban and reinstate them.

Remember that every time the chat_server is restarted, the chat.motd  file is erased. Keep a copy of that file in another location so you don't have to recreate it at every chat_server  restart.

What you see is what you get
One of the strengths of chat_everywhere is its simplicity. Chat_everywhere has a pared-down, user-friendly interface, simplistic configuration, and a tiny footprint that make this application a valid solution for anyone needing instant messaging communication.

I highly recommend deploying chat_everywhere into your intranet infrastructure. Your users will be delighted at the application's ease of use and your IT department will marvel at its reliability and straightforward configuration/administration.



Jack Wallen is an award-winning writer for TechRepublic and He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website

Editor's Picks