[ejabberd] Alternate authentication for BOSH clients?

Paul Kinlan paul.kinlan at gmail.com
Sat May 30 00:47:55 MSD 2009

You can use SASL authentication you have to set up ejabberd to use
anonymouse sasl auth, we use it in http://www.vooices.us using a version
jQuery.bosh.js that I modified (

I believe strophe.js supports SASL too, and also it allows you to construct
iq messages - which jQuery.bosh.js doesnt (unless you use another version
that I have modified).


2009/5/29 Arne Claassen <arne at getorganyzd.com>

> I'm sorry if this has been covered before, but i'm looking into
> automatically logging users on our site into the our ejabberd server when
> they visit a page using a bosh client. I have an authenticated session in
> the browser and know their user name and jid, but i don't want to have a
> non-secure web page deliver the password to the bosh component for login.
> I'd prefer to let it either use a one-time key or pass on the web session
> key. But at the same time, users should still be able to log in with an Xmpp
> Client and their user/pass. Is there a hook in ejabberd for that can either
> call a webservice for authentication, or do i need a custom module? I figure
> others using ejabberd for presence on their website must have run into this
> before. Any pointers would be appreciated.
> arne
> _______________________________________________
> ejabberd mailing list
> ejabberd at jabber.ru
> http://lists.jabber.ru/mailman/listinfo/ejabberd
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.jabber.ru/pipermail/ejabberd/attachments/20090529/19edffcd/attachment.htm>

More information about the ejabberd mailing list