[ejabberd] ejabberd hacking HOWTO...

Badlop badlop at gmail.com
Tue Nov 28 15:01:13 MSK 2006


2006/11/28, Carl Hayter <hayter at usc.edu>:
> I currently authenticate my users against an external PHP forum user database.
> Since the Jabber server does not have direct access to the users database of
> the forum software, I hacked an auth module that uses a bit of example
> code from somewhere off of the Erlang site (urlget.erl).  I take the username
> and password (plaintext) and md5 the password and make a standard HTTP request
> to a PHP script on the forum site.  so (User,Password) is turned into a HTTP
> request to "http://mysite.org/auth.php?user:md5(password)".  the auth.php
> script checks the user/password info and returns a "OK" or "FAIL" as a result.

So that ejabberd auth code (written in Erlang) talks using HTTP with a
web server.

Just curiosity: that could be implemented as an extauth script too, right?
It's a script in your prefered language (Perl, Python, PHP, C...) that
talks using HTTP with a web server. Then tell ejabberd to authenticate
against that script.

Examples:
http://ejabberd.jabber.ru/extauth


> What is the best way to proceed?  Should I get an account on the new ejabberd
> module repository and commit my poor code?  Should I just upload my code to
> the ejabberd website?  Should i post my code here on this list and hope that
> somebody with more Erlang experience would take a look?

Whatever way you use to publish the code, I'll ask you permission to
add it to the Contributions page :)
http://ejabberd.jabber.ru/contributions


> I just feel really bad with the idea of uploading my poor code...

Call it version 0.1, and add a big warning to the description:
'This code is a mess. Use it at your own risk. It probably does not
work at all.'

Maybe later on version 0.2 you remove the warning.


More information about the ejabberd mailing list