[ejabberd] Alternate authentication for BOSH clients?

Pradeep Elankumaran pradeep at intridea.com
Sat May 30 01:00:32 MSD 2009


Arne,
You would pre-authenticate in your web application's code, then pass
in variables to your html templates.
Jack Moffit has a nice write-up about this:
http://metajack.im/2008/10/03/getting-attached-to-strophe/

Also, if you're using Rails, you should use ruby_bosh
http://github.com/skyfallsin/ruby_bosh/tree/master

Hope this helps.
- Pradeep

On Fri, May 29, 2009 at 1:42 PM, Arne Claassen <arne at getorganyzd.com> wrote:
> I'm sorry if this has been covered before, but i'm looking into
> automatically logging users on our site into the our ejabberd server when
> they visit a page using a bosh client. I have an authenticated session in
> the browser and know their user name and jid, but i don't want to have a
> non-secure web page deliver the password to the bosh component for login.
> I'd prefer to let it either use a one-time key or pass on the web session
> key. But at the same time, users should still be able to log in with an Xmpp
> Client and their user/pass. Is there a hook in ejabberd for that can either
> call a webservice for authentication, or do i need a custom module? I figure
> others using ejabberd for presence on their website must have run into this
> before. Any pointers would be appreciated.
>
> arne
> _______________________________________________
> ejabberd mailing list
> ejabberd at jabber.ru
> http://lists.jabber.ru/mailman/listinfo/ejabberd
>


More information about the ejabberd mailing list