[ejabberd] External authentication randomly fails in 2.1.1

Augustine Ike augustineike at gmail.com
Fri Jan 15 17:15:10 MSK 2010


Hi,
     Do you have a firewall in your network? If you do, enable Port
5222 and Port 5223. Also if you use DNS, you have to make sure that
XMPP entries exist for those ports. The DNS piece may be trivial but
the ports MUST be enabled.
if it fails, make sure you have the right modules installed to enforce
external authentication. My setup for Kerberos failed because I did
not have the right modules.

Ike



On Fri, Jan 15, 2010 at 1:08 AM, Erkki-T. Peura <etpeura at gmail.com> wrote:
> Hi,
>
> I would like to get some pointers/help to further troubleshoot
> external authentication problem we have in ejabberd 2.1.1
> Normally script works just fine but sometimes undependent from client
> used (Pidgin, Psi etc.) external authentication
> fails. If user just retries, authentication is ok so user credentials
> or such are not an issue here.
>
> Strange thing is that script doing authentication claims to return 1
> but ejabberd log shows 0:
>
> authentication script log:
> Jan 14 10:09:58 machine auth.pl[31756]: request: auth
> Jan 14 10:09:58 machine auth.pl[31756]: user at domain.tld: auth ok
> Jan 14 10:09:58 machine auth.pl[31756]: user at domain.tld: returning 1
>
> ejabberd log:
>
> =INFO REPORT==== 2010-01-14 10:09:58 ===
> D(<0.269.0>:extauth:73) : extauth call '["auth","user","domain.tld",
>                                         "password"]' received data response:
> [0,0]
>
> =INFO REPORT==== 2010-01-14 10:09:58 ===
> I(<0.17506.0>:ejabberd_c2s:584) : ({socket_state,tls,{tlssock,#Port<0.11393>,#Po
> rt<0.11395>},<0.17505.0>}) Failed authentication for user at domain.tld
>
> Here's part of perl script that returns result:
>
> syslog(LOG_DEBUG,"$jid: returning $result");
> my $out = pack "nn",2,$result;
> syswrite STDOUT,$out;
>
> It's not a load issue, there's under <10 users
>
> More logs available at http://pastebin.com/m180a5d1d, versions
> ejabberd 2.1.1, perl 5.8.8
>
> Authentication config:
> {auth_method, [external, internal]}.
> {extauth_program, "/usr/bin/perl /opt/ejabberd/addons/auth/auth.pl"}.
>
>
> TIA,
>    - etp -
> _______________________________________________
> ejabberd mailing list
> ejabberd at jabber.ru
> http://lists.jabber.ru/mailman/listinfo/ejabberd
>


More information about the ejabberd mailing list