[ejabberd] non-XMPP account creation?

Max Kalika max.kalika+ejabberd at gmail.com
Tue Jul 12 20:47:17 MSD 2011


Hi Keith,

I had a similar use case.  I needed to register jids that a web
application would use for presence logic.  The jids are
automatically-generated random strings (UUIDs) created by the webapp
immediately before the client logs in.  To achieve this, I made a
simple rest-based interface using ejabberd's http hooks.  The
interface essentially boils down to these CRUD operations:

GET http://server/my-register/user@server?key=SecretKey
POST http://server/my-register/user@server/create
POST http://server/my-register/user@server/update
POST http://server/my-register/user@server/delete

The three post requests take a key parameter in the body of the
request.  The create and update requests take an additional password
parameter to assign to the user.  The key is a simple random string
used to authenticate the webapp to this interface.  Since only backend
services are allowed to call these requests, I deemed it secure
enough.  The configuration of the module also allows for a list of
jids that are blacklisted from use.

To make all the magic happen, I call into ejabberd's auth methods to
manage users:

    ejabberd_auth:is_user_exists(Jid#jid.luser, Jid#jid.lserver)
    ejabberd_auth:try_register(Jid#jid.luser, Jid#jid.lserver, Pwd)
    ejabberd_auth:set_password(Jid#jid.luser, Jid#jid.lserver, Pwd)
    ejabberd_auth:remove_user(Jid#jid.luser, Jid#jid.lserver)


On Tue, Jul 12, 2011 at 7:30 AM, Keith Irwin <keith.irwin at gmail.com> wrote:
> Shaun--
>
> I'm not using a database on the web side, nor to the XMPP accounts need to
> map to any real human beings. I suppose I could insert something directly
> into whatever ejabberd is using (mnesia?), but I was hoping to avoid that.
>
> I have potentially many thousands of devices I want to connect via XMPP, but
> I don't want anyone else EXCEPT those devices to register an account. So, if
> the devices can hit a web site (say) with the proper credentials and provide
> me with a randomly generated user/pass, I can create an account for them. It
> ain't perfect, but it's better than having the jabber server open to all.
>
> I could also write a "registration" plugin which has some extra non-standard
> stuff in it, but I like the web request better because it doesn't require
> any additional tools or customized libraries.
>
> Mainly I'm just looking for stories to meet any possible objection to using
> XMPP. It's an easy technology to defend, it turns out.
>
> Keith
>
> On Tue, Jul 12, 2011 at 7:05 AM, Shaun Kruger <shaun.kruger at gmail.com>
> wrote:
>>
>> Have you considered using one of the ODBC authentication methods and
>> writing directly to your database?  I have worked with MySQL based
>> authentication this way and it is very easy.  I connect to the
>> database and "INSERT INTO users (username,password) VALUES
>> ('<username>','<plainpassword>');"  As far as I can tell it is the
>> single easiest way to add users.
>>
>> Shaun
>>
>> On Mon, Jul 11, 2011 at 5:12 PM, Keith Irwin <keith.irwin at gmail.com>
>> wrote:
>> > Is there a way a particular client (say, my-admin at my.jabber.server) can
>> > create new accounts for other clients?
>> > The basic use case is that I want a web site of some sort where clients
>> > have
>> > to sign up rather than use the XMPP built-in registration. However, I'd
>> > rather not have to execute a command line on the actual ejabberd server
>> > itself.
>> > Any general pointers?
>> > Keith
>> > _______________________________________________
>> > ejabberd mailing list
>> > ejabberd at jabber.ru
>> > http://lists.jabber.ru/mailman/listinfo/ejabberd
>> >
>> >
>> _______________________________________________
>> ejabberd mailing list
>> ejabberd at jabber.ru
>> http://lists.jabber.ru/mailman/listinfo/ejabberd
>
>
> _______________________________________________
> ejabberd mailing list
> ejabberd at jabber.ru
> http://lists.jabber.ru/mailman/listinfo/ejabberd
>
>


More information about the ejabberd mailing list