[ejabberd] external auth
jorge.guntanis at telcentris.com
Wed Apr 15 20:03:53 MSD 2009
On Apr 15, 2009, at 6:01 AM, Jesse Thompson wrote:
> Fabio Forno wrote:
>> two rapid questions about ext auth:
>> - I've seen there is just plain password implemented, is there any
>> hidden reason for this? The patch for digest auth seems quite
>> trivial, I can provide it quickly, but perhaps there is something I'm
> My understanding is that the provided script is just a sample. Most
> sites that need to use an external auth script need to do something
> custom to their environment. Those that need a specific feature,
> such as digest auth, will just add it themselves.
> While it wouldn't hurt to throw more features into the script to
> scratch your own itch, it wouldn't necessarily scratch anyone elses
> itch. The risk is that it adds to the complexity of the script,
> which may make it more daunting to people that want to modify it in
> a different way.
Right, I think by using external authentication, you are leveraging
the whole authentication process to a higher layer on your
implementation, ie. your perl/sh/logo script. Personally, I think that
should stay that way, or branch into a more complex module as a
>> - in the port protocol params all concatenated in one string using
>> as separator, but I think ":" is allowed in passwords and I don't see
>> any escaping.
> The password is the last argument, so you can just do something like
> my ($op,$user,$domain, at buffer_remainder) = split /:/,$buf;
> my $password = join ':', @buffer_remainder;
Again part of above' problem, the module assumes you will take care of
this at a higher layer, and not allow that character from starters.
This is a good catch though, may be the module can separate the string
by using a character that can not be input directly from a keyboard. I
will work on a patch for this and submit it.
> Jesse Thompson
> Division of Information Technology, University of Wisconsin-Madison
> Email/IM: jesse.thompson at doit.wisc.edu
> ejabberd mailing list
> ejabberd at jabber.ru
More information about the ejabberd