Looking for ejabberd docs?

To access the most up-to-date ejabberd documentation, please visit docs.ejabberd.im »

Authenticate Against SASL

Submitted by mfoss on Tue, 2007-01-30 21:31

Name: ejabberd_auth_sasl

Purpose: Allows authenticating against SASL

Author: axet

Type: Patch

Requirements: 1.1.2

Download: ejabberd_auth_sasl.diff

How to Apply the Patch

Make sure you have the development files for SASL installed.
- On Debian you must install the package libsasl2-dev.
Go to the ejabberd source directory: ejabberd/src
Download the patch to that directory

Apply the patch:

$ patch -p0 < ejabberd_auth_sasl.diff
patching file Makefile.in
patching file ejabberd.cfg.example
patching file configure.ac
patching file sasl/ejabberd_auth_sasl.c
patching file sasl/ejabberd_auth_sasl.erl
patching file sasl/Makefile.in
patching file aclocal.m4

Regenerate 'configure':
```
$ autoconf
```

Execute 'configure':

$ ./configure
...
checking whether build sasl... yes
...
config.status: creating sasl/Makefile
...

Compile ejabberd:
```
$ make
```
Instruct ejabberd to use SASL authentication. To do that, edit ejabberd.cfg and modify the auth_mehtod depending on what you want to allow. For example:
```
{auth_method, [sasl]}.
```
Start ejabberd

Related Links

Announcement on forum:ejabberd_auth_sasl-1.0.0

Real SASL support?

Submitted by Garrett Wollman (not verified) on Wed, 2007-05-30 19:40.

Any chance that this module could find its way to becoming a real SASL module (as opposed to something that just calls libsasl2 to check passwords)? I actually want to be able to do GSSAPI, so I installed this, and was disappointed when I had to go read the code to find out that it doesn't actually implement SASL at all.

SASL GSSAPI

Submitted by mikma on Sat, 2007-06-02 21:01.

I'm implementing SASL GSSAPI support for ejabberd as a cyrsasl_gssapi module, which in turn uses esasl to authenticate the user instead of using the usual auth backends. I have already uploaded esasl as a patch to jungerl. Where should I upload the ejabberd module when it's ready?

Publish where you prefer

Submitted by mfoss on Sun, 2007-06-03 17:59.

You can publish your contribution on the place you prefer: Bugzilla, blog, personal site, the forum, the mailing list...

Once the code is published, I add a page on Contributions and either link to the original file, or I upload it to this site.

Links

Submitted by mikma on Wed, 2007-06-06 15:31.

The patches for GSSAPI support can be downloaded from:

http://hem.no-ip.info/esasl2.patch
http://hem.no-ip.info/ejabberd_gssapi.patch

They are compatible with SSO as implemented in Spark 2.5.3.

New configuration options:
{sasl_realm, "Kerberos realm"}.

The environment variable KRB5_KTNAME needs to be set before starting ejabberd.
It should contain the principal xmpp/FQDN, when FQDN is the fully qualified host name of the ejabberd server.

Nice! I've added a page to

Submitted by mfoss on Wed, 2007-06-06 18:05.

Nice! I've added a page to describe your contribution: Authenticate Against SASL GSSAPI.

Feel free to edit that page and improve the text, fix links... :)