[ejabberd] external auth
jesse.thompson at doit.wisc.edu
Wed Apr 15 17:01:14 MSD 2009
Fabio Forno wrote:
> two rapid questions about ext auth:
> - I've seen there is just plain password implemented, is there any
> hidden reason for this? The patch for digest auth seems quite
> trivial, I can provide it quickly, but perhaps there is something I'm
My understanding is that the provided script is just a sample. Most
sites that need to use an external auth script need to do something
custom to their environment. Those that need a specific feature, such
as digest auth, will just add it themselves.
While it wouldn't hurt to throw more features into the script to scratch
your own itch, it wouldn't necessarily scratch anyone elses itch. The
risk is that it adds to the complexity of the script, which may make it
more daunting to people that want to modify it in a different way.
> - in the port protocol params all concatenated in one string using ":"
> as separator, but I think ":" is allowed in passwords and I don't see
> any escaping.
The password is the last argument, so you can just do something like this:
my ($op,$user,$domain, at buffer_remainder) = split /:/,$buf;
my $password = join ':', @buffer_remainder;
Division of Information Technology, University of Wisconsin-Madison
Email/IM: jesse.thompson at doit.wisc.edu
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3340 bytes
Desc: S/MIME Cryptographic Signature
More information about the ejabberd