[ejabberd] External Auth and Contact List

Webert de Souza Lima webert.boss at gmail.com
Wed Oct 18 18:30:18 MSK 2017

Hello Phil, I really made a mess trying to explain everything, sorry. I'll
try agian:

I have a global MySQL Server that stores domains and users. By "global" I
mean that we have many independent clusters and different software, all of
them read users from that MySQL Server database.
There is only 1 software allowed to write in this MySQL Server. (as the
other software only read from it, we use Master/Slave replication and read
from the Slaves in  each cluster).

I want ejabberd to be able to do that as well:

 * Authenticate users to the existing database without writing to it
[achievable by external auth method]
 * After a user user at domain logs in, hist Contact List is filled with all
users from the same domain.

I want ejabberd to read-only that global mysql server for Authentitcation
and Contacts List.

ejabberd related data must be written to another Mysql server (hosted in
the same cluster or even the same host).

If I'm still not clear I'll try to be more specific. Thanks in advance.


Webert Lima
DevOps Engineer at MAV Tecnologia
*Belo Horizonte - Brasil*

On Wed, Oct 18, 2017 at 11:57 AM, Phil Stracchino <phils at caerllewys.net>

> On 10/18/17 09:46, Webert de Souza Lima wrote:
> > Hello,
> >
> > I'm new to ejabberd and I'm trying to design a cluster that would fit
> > well with our existing users base.
> >
> > I know that I can provide external authentication, that's a plus.
> > The next problem I have is to provide the contact list from my existing
> > users db. Is that achievable?
> >
> > The existing users database is a MySQL instance that should not be the
> > same of ejabberd's.
> > I want ejabberd to be able to read-only the global MySQL users DB, and
> > have its own MySQL server (local but cluster-wide).
> Your question isn't entirely clear.  I don't understand what you mean by
> "local but cluster-wide", for example.
> However, let me read between the lines here and make some assumptions:
> You have an existing schema containing your users, which we'll call
> (logically enough) 'users', and your ejabberd will connect to MySQL as
> user 'ejabberd' and store its data in the schema 'ejabberd', connecting
> to MySQL only from localhost.  All jabberd nodes will also be nodes of
> the MySQL cluster.
> Is that what you meant?
> In that case you can trivially easily do something like this:
> GRANT SELECT, UPDATE, INSERT, DELETE ON ejabberd.* TO ejabberd at localhost
> IDENTIFIED BY 'ejabberd password goes here';
> GRANT SELECT ON users.* TO ejabberd at localhost;
> --
>   Phil Stracchino
>   Babylon Communications
>   phils at caerllewys.net
>   phil at co.ordinate.org
>   Landline: +1.603.293.8485
>   Mobile:   +1.603.998.6958
> _______________________________________________
> ejabberd mailing list
> ejabberd at jabber.ru
> http://lists.jabber.ru/mailman/listinfo/ejabberd
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.jabber.ru/pipermail/ejabberd/attachments/20171018/040f2394/attachment.html>

More information about the ejabberd mailing list