[ejabberd] external auth

Stefan Strigler steve at zeank.in-berlin.de
Wed Apr 15 20:14:01 MSD 2009


Am Mittwoch, den 15.04.2009, 08:01 -0500 schrieb Jesse Thompson:
> Fabio Forno wrote:
> > hi,
> > 
> > two rapid questions about ext auth:
> > 
> > - I've seen there is just plain password implemented, is there any
> > hidden reason for this? The patch for digest auth seems  quite
> > trivial, I can provide it quickly, but perhaps there is something I'm
> > missing...
> 
> My understanding is that the provided script is just a sample.  Most 
> sites that need to use an external auth script need to do something 
> custom to their environment.  Those that need a specific feature, such 
> as digest auth, will just add it themselves.

Whether ejabberd is offering PLAINTEXT auth or DIGEST auth is out of
scope of the extauth script at the moment. 
Currently there's no way to indicate the required authentication method
when using extauth nor is there some way of interaction before an
authentication request is taking place (like getting a token from
extauth which would be required afterwards for checking if given digest
is valid).

Cheers, Steve



More information about the ejabberd mailing list