[ejabberd] Server-side authentication passed to client side
skeltoac at gmail.com
Mon Jul 27 18:50:58 MSD 2009
I've been doing what Jack said. What he didn't explain was the
out-of-band authentication step. The web server has to talk to the
jabber server somehow. My users' passwords are stored hashed and I
didn't want to do all the BOSH handshaking between servers so I wrote
a web module that takes a single, superuser-authenticated HTTP request
and returns the user's JID, SID, and RID for use in Strophe's attach()
This is a very sloppy hack that works well for me. Feel free to fork it.
On Sun, Jul 26, 2009 at 5:55 PM, Kevin Mullen<frantic at hotmail.co.uk> wrote:
> Hey guys,
> I'm trying to make a web implementation of a jabber client (possibly using
> suggest a better one).
> The thing is I don't want my user to log-in twice, once to my website and
> secondly to jabber via the clientside. My question is: Is there a way to
> authenticate with the jabber server on the web server when the user logs in,
> and then pass this 'authentication' by means of a token or something similar
> to the client? Therefore removing the need for the client application
> running in the user's web browser to authenticate too?
> Thanks in advance for any advice on this.
> ejabberd mailing list
> ejabberd at jabber.ru
More information about the ejabberd