Hi there,
I have a question about exactly how the External Authentication modules are created/invoked. Does ejabberd create a separate instance of the "driver" for every thread that needs to access authentication, or are all requests for authentication serialized through a single module instance?
Basically, will creating/using an External Authentication module have a negative effect on ejabberd's overall scalability? Obviously the exact implementation of the specific auth module will have SOME impact, but more from a technical standpoint, what's the difference scalability-wise between using the internal authentication an an External Authentication module?
Thanks!
-jse
Re: External Authentication and Scalability
There is only one erlang process (aka thread) per virtual host. Thus, auth request processing is sequential, and, of course, it is a possible scalability impact in the case when an external script is too slow.
Re: External Authentication and Scalability
Bummer! So if you want to write a custom authentication module that has minimal performance impact, are you better off doing that as a patch to ejabber's "internal" authentication mechanism, or does the PAM support give you essentially the same thing but as an "external" module?
Thanks!
-jse
Re: External Authentication and Scalability
does the PAM support give you essentially the same thing but as an "external" module?
PAM authentication method has the same logic as an external method, since it uses an external C-program.
So if you want to write a custom authentication module that has minimal performance impact, are you better off doing that as a patch to ejabber's "internal" authentication mechanism
True, but it depends :)