I use ejabberd 1.1.3 and I need to use mod_roster_odbc, but I also have md5 passwords in mysql database. I wrote extauth script and setupr external authorization for my host. I also configure odbc_server for this host:
{host_config, "myhost.com", [{auth_method, [external]}, {odbc_server, {mysql, "dbhost", "dbname", "dbuser", "dbpasswd"}}, {extauth_program, "/etc/ejabberd/auth.pl"}, {allow_multiple_connections, false}, {anonymous_protocol, sasl_anon}]}.
auth.pl starts well and it authorize me, but I cannot see my rosters. If I add odbc like authorization method:
{auth_method, [external, odbc]}
I see all rosters in my contact list, but I have another very important problem - I can login with any password, all I need to know is username.
I cannot understand what I'm doing incorrect.
Is it possible to use mod_roster_odbc and also external authorization, or may be it is possible to setup odbc auth to compare md5 password codes not plain text?..
Thank you.
alouette wrote: Is it
Is it possible to use mod_roster_odbc and also external authorization
I found an on the mailing list asking the same. No solution was given that time, maybe this subject is discussed later.
or may be it is possible to setup odbc auth to compare md5 password codes not plain text?
Yes, maybe ejabberd_auth_odbc.erl can be modified. Are you still interested in such a feature?
ejabberd_auth_odbc.erl can be modified
Because I'm not familiar with erlang so much to make changes like this as fast as I need I made Java auth application that is working well now. With perl script there were problems like I described above.
I think that my solution is not the best one, better to be to change erl authorization procedure, if you will do it please let me know, probably I'll do it later then I'll have more time to understand the language.