[ejabberd] Subdomains Authetication!

Badlop badlop at gmail.com
Mon Feb 28 20:20:53 MSK 2011


2011/2/28 Henrique Fernandes <sf.rique at gmail.com>:
> Where i work we are tryng to setup and IM. But with gonna have lots of users
> conected and the passowrd has to be the same of the email plus we have LOTS
> os subdomains!
>
> So here is my question,
>
> How do i configure ejabberd to authenticated subdomains ?

If you wrote a script that can work with any vhost, then you can use:

{hosts, ["e1.localhost", "e2.localhost"]}.
{auth_method, external}.
{extauth_program, "/home/git/ejabberd/examples/extauth/check_pass_null.pl"}.

But if you want different scripts for different vhosts, then use:

{hosts, ["e1.localhost", "e2.localhost"]}.
{host_config, "e1.localhost", [
  {auth_method, external},
  {extauth_program,
"/home/git/ejabberd/examples/extauth/check_pass_null-allowall.pl"}
]}.
{host_config, "e2.localhost", [
  {auth_method, external},
  {extauth_program,
"/home/git/ejabberd/examples/extauth/check_pass_null-denyall.pl"}
]}.

In that simple example, the allowall script allows all requests, and
denyall rejects all requests.


> Here is how my work is doing!
>
> I already configured the ejabberd to exterauth. it is already working! The
> problem is, if i set in {hosts ["all", "my", "host"} it will open one script
> for each subdomain,

Yes, that's how ejabberd is implemented.

> and we have about 70 subdomains. It takes lots of
> resources from the machine.

If your scripts consume resources even when they are doing nothing,
then you should optimize your script, or consider writing your native
ejabberd_auth_whatever.erl module.

If your scripts consume resources only when they are processing
requests, you can try to reduce the amount of requests by enabling the
option extauth_cache. See the ejabberd Guide.


> Plus my script autenticated any subdomain!

I don't understand that.

ejabberd calls the correct script for each vhost. Using my second
example, it works correctly, see:

=INFO REPORT==== 28-Feb-2011::18:04:41 ===
I(<0.568.0>:ejabberd_c2s:517) : ({socket_state,gen_tcp,#Port<0.4405>,<0.567.0>})
 Accepted legacy authentication for user11 at e1.localhost/work by
ejabberd_auth_external

=INFO REPORT==== 28-Feb-2011::18:04:49 ===
I(<0.571.0>:ejabberd_c2s:559) : ({socket_state,gen_tcp,#Port<0.4436>,<0.570.0>})
 Failed legacy authentication for user22 at e2.localhost/Psi


> I tryed route_subdomains local, but i did not work.

That option is only important when you have several ejabberd server programs.


> I set the host example.com
>
> And if i try conect an user with  a.example.com it says "host unknow"

Set in 'hosts' the domains you want to use.


---
Badlop
ProcessOne


More information about the ejabberd mailing list