[ejabberd] User management.
paul.kinlan at gmail.com
Tue Mar 10 15:08:08 MSK 2009
Thanks for the advice, the good thing from my point of view is the actuall
ejabberd server will be behind a firewall so users won't be able to connect
other than throught the http-bind interface so I can control some of the
access through the proxy.
I am looking into SASL ANONYMOUS now and checking to see if the jquery.bosh
api supports it :)
2009/3/9 Jack Moffitt <jack at chesspark.com>
> > Each page instance will individually talk with a single user ("game
> > controller" for example) on our ejabberd server mod_http_bind, I need the
> > system to not require usernames and passwords and I have identified two
> > options:
> You missed the third, and best option, which is to use SASL ANONYMOUS.
> > I worry that clever users will be able to send stanzas back to the
> > and all I really want them to do is listen to messages comming from my
> > controller", so for instance, I don't want them to discover other users
> > change their password, or be able to send messages back to the game
> > controller and I can't work out how to disable this functionality.
> Discovering other users is protected by the roster, so you don't have
> to worry about that. Changing password is something that has no
> meaning with SASL ANONYMOUS, and with normal connections that can be
> controlled (if it's even supported. I don't know that it's possible to
> change the password over XMPP with ejabberd). As for the game
> controller, just have it ignore messages from unknown JIDs.
> ejabberd mailing list
> ejabberd at jabber.ru
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ejabberd