[ejabberd] Another BOSH binding warmer

Andy Skelton skeltoac at gmail.com
Wed Feb 17 22:05:19 MSK 2010


On Wed, Feb 17, 2010 at 12:47 PM, Theo Cushion <theo at jivatechnology.com> wrote:
> I've borrowed heavily from the work by:
>
> - http://github.com/thepug/Mod-Http-Pre-Bind
> - http://github.com/skeltoac/http_prebind

Cool! And I am deeply apologetic for http_prebind. ;-)

> I'd be interested in any comments/criticism on how I have implemented it -
> and any ideas about how I could get around the limitation of supplying the
> users password.

We don't know our users' passwords so I had to get around this
limitation when I wrote http_prebind. You can see "backdoor_password"
in that module. My custom auth module accepts a sort of universal
password, or a password generated from the user name. This can be done
so that the backdoor passwords are server-specific and frequently
changing.

Andy


More information about the ejabberd mailing list