[ejabberd] External Authentication not working ..

Sommer Detlef somm at etm-ag.com
Fri Oct 22 23:30:39 MSD 2004

The problems (from my point) are the following:

1) It looks that when I don't register with the server
the user is not created in the ejabberd database (see below).

2) It seems also that tls doesn't work. Only without ssl and
with plaintext enabled ... Is this handled by the code befor
the external program is called ?

3) There are some things that do not work. One is hat the
initial message when a user is created is not send in this case.
The other time the roster didn't get saved on the server. I always
started with a blank roster. I think also that there was a problem
with offline messages. They didn't appear at the next start ...

4) What is the isuser method for when it is never called ?

5) Would be nice if yuo can also check external user within
the webinterface ...

TIA, Detlef Sommer

> Sommer Detlef wrote:
> > I have setup a ejabberd server on windows 2000 with internal
> > authetication in the config file and all worked ok.
> > 
> > Then I have written a little .NET application which should handle
> > the external authentication. This program works like the supplied
> > perl script (check_pass_null.pl) and the commands auth and isuser
> > are implemented (setpass always returns false). isuser checks the
> > username against AD and returns true if the user exists, auth checks
> > the user and the password against AD and returns true if all is ok.
> > It also logs all requests to a logfile for debug ...
> > 
> > I want to use the program only for checking the user and password
> > in AD, all other things should be stored in the ejabberd database
> > as before (I have no external storage for the jabber data).
> > 
> > Then I stopped the server, changed to external authentication
> > in the config file using my program and deleted the spool directory.
> > 
> > And from this moment many things got wrong:
> > 1) I am not able to connect to the server without ticking the
> > "Use plain text password" setting on the client. When this is
> > not enabled my external program is not called (nothing in the
> > log), so the problem must be before ...
> That is correkt. There is no way to use an externa auth system
> like AD withouth sending plaintext passwords. Use tls!
> > 
> > 2) I can logon to the server without first creating an account.
> > In this case my program is called with auth and when the user
> > and password are ok I can use the server.
> > 
> Please explain how/why this is a problem.
> > 3) It seams that the user is not created in the ejabberd database
> > because it doesn't show up in the webinterface and the registered
> > user counter is always 0 (even when I chat with 10 accounts)
> > 
> The webbinterface probably looks for users with passwords in
> mnesia. Exauth users do not hav passwords.
> > 4) The isuser routine from my program is never called ....
> > 
> > Can anyone help me. If the program works I will post it to
> > the list so someone can add it to the distribution ...
> It sounds to me like it works.
> 	MVH leifj

Detlef Sommer

ETM Aktiengesellschaft
Kasernenstrasse 29, A-7000 Eisenstadt
Phone: +43-2682/741-0; Fax: +43-2682/741-107
E-Mail: mailto:somm at etm.at; Web: http://www.etm.at

More information about the ejabberd mailing list