[ejabberd] External Authentication not working ..
leifj at it.su.se
Fri Oct 22 22:36:13 MSD 2004
Sommer Detlef wrote:
> I have setup a ejabberd server on windows 2000 with internal
> authetication in the config file and all worked ok.
> Then I have written a little .NET application which should handle
> the external authentication. This program works like the supplied
> perl script (check_pass_null.pl) and the commands auth and isuser
> are implemented (setpass always returns false). isuser checks the
> username against AD and returns true if the user exists, auth checks
> the user and the password against AD and returns true if all is ok.
> It also logs all requests to a logfile for debug ...
> I want to use the program only for checking the user and password
> in AD, all other things should be stored in the ejabberd database
> as before (I have no external storage for the jabber data).
> Then I stopped the server, changed to external authentication
> in the config file using my program and deleted the spool directory.
> And from this moment many things got wrong:
> 1) I am not able to connect to the server without ticking the
> "Use plain text password" setting on the client. When this is
> not enabled my external program is not called (nothing in the
> log), so the problem must be before ...
That is correkt. There is no way to use an externa auth system
like AD withouth sending plaintext passwords. Use tls!
> 2) I can logon to the server without first creating an account.
> In this case my program is called with auth and when the user
> and password are ok I can use the server.
Please explain how/why this is a problem.
> 3) It seams that the user is not created in the ejabberd database
> because it doesn't show up in the webinterface and the registered
> user counter is always 0 (even when I chat with 10 accounts)
The webbinterface probably looks for users with passwords in
mnesia. Exauth users do not hav passwords.
> 4) The isuser routine from my program is never called ....
> Can anyone help me. If the program works I will post it to
> the list so someone can add it to the distribution ...
It sounds to me like it works.
More information about the ejabberd