Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

support existing installs without external auth script for ejabberd #13

Open
bhgraham opened this issue Sep 4, 2010 · 5 comments
Open

support existing installs without external auth script for ejabberd #13

bhgraham opened this issue Sep 4, 2010 · 5 comments

Comments

@bhgraham
Copy link

bhgraham commented Sep 4, 2010

I run a server with LDAP for the backend and all users currently synced between my existing elgg and ejabberd services. I would like to use this as the chat client but when installed and enabled I get "Failed" everytime i try to login.
@cash
Copy link

cash commented Sep 6, 2010

You can use the ldap external authentication module for ejabberd.

@bhgraham
Copy link
Author

bhgraham commented Sep 7, 2010

I am already authenticating to ldap, so i dont need another plugin, but the beechat is not working when with my setup, which is why i posted.

@cash
Copy link

cash commented Sep 7, 2010

I'm saying you could use an ejabberd module to do the authentication from ldap. With an Elgg ldap plugin, the user's passwords are not stored in the Elgg database. It is either the ejabberd ldap plugin or an external authentication module that uses Elgg's ldap plugin (or use a separate password just for ejabberd authentication).

@bhgraham
Copy link
Author

bhgraham commented Sep 7, 2010

I have the authentication working now, for both elgg and xmpp to my ldap server, what I do not have working is the beechat client authenticating and logging the user into xmpp from withing elgg. I still don't see how the elgg ldap module will help with this and besides last I checked it didnt actually work with current versions of elgg.

@cash
Copy link

cash commented Sep 7, 2010

In a standard elgg install, beechat's javascript retrieves a user's hashed password from the server. It then passes it to the ejabberd server as the password. The current external authentication script uses that hashed password for the authentication.

The standard ldap plugin (which does work) does not store passwords. I don't know how your ldap plugin works. As such, when beechat retrieves the password, it is not getting the ldap password of the user. Depending on how much security you need, you could store the ldap passwords in the database.

Another possibility is to assign a random xmpp password to the user (as metadata) and use an external authentication ejabberd script to authenticate that special password. It would require assigning the passwords, changing the retrieve details action, and writing a new external authentication script.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cash @bhgraham