1

I am using ejabberd in one of my project, which is itself implemented in erlang. I am interested in gaining access to the authentication flow, so that i can integrate my user db without having to register them separately in ejabberd.

I have got most of the things right as described here: https://git.process-one.net/ejabberd/mainline/blobs/raw/2.1.x/doc/dev.html#htoc8

However, seemingly ejabberd never receive response from my escript. Below is a part of the code responsible for sending resopnse:

process_data(["auth", _User, _Server, _Pass]) ->
    BB = <<1:16>>, %% result code 1 coded as short
    AA = byte_size(BB), %% AA is byte length of result
    Bin = <<AA:16,BB/binary>>, %% finally packing AA as short along with BB
    io:put_chars(Bin);

From my logs i end up sending:

=DEBUG== 2011-05-25 21:05:15 == <0.2.0> == extauth:53 ===
sent <<0,2,0,1>>

which is exactly similar to what i used to do inside PHP:

fwrite($out, pack("nn", 2, $result_code));

I m not sure where i m messing up.

Also i am interested if there is a better way to integrate my user db, since my app is itself in erlang and i would probably like to take advantage of erlang message passing instead of reading/writing stdin/stdout inside extauth

aronisstav
  • 7,755
  • 5
  • 23
  • 48
Abhinav Singh
  • 2,643
  • 1
  • 19
  • 29

1 Answers1

1

Two ideas:

1) Does your database support SQL? If so, enable {auth_method, odbc} as described in https://support.process-one.net/doc/display/MESSENGER/Using+ejabberd+with+MySQL+native+driver You can create views to mirror your internal DB structure into what ejabberd expects.

2) You could always create your own auth_method. If you are already skilled in Erlang, the code of Ejabberd is not hard to understand. I just glanced through the code for ejabberd_auth at https://github.com/processone/ejabberd/blob/2.1.x/src/ejabberd_auth.erl and it's fairly simple actually. Just create a module called ejabberd_auth_abhinav, export the necessary functions, and then enabled {auth_method, abhinav} and you're good to go.

Dan
  • 10,990
  • 7
  • 51
  • 80
  • Ever since i moved my app code from lamp structure to erlang, i no more use MySQL, infact i m currently just hanging on with mnesia (learning as i go). Currently i have ejabberd running at node ejabberd@localhost and my own otp app on node myapp@localhost. User registers via UI interface of myapp, which i ultimately want ejabberd to use for authentication. I don't want to register or keep credentials inside ejabberd mnesia passwd table (as is the case right now). I simply want a workflow inside myapp@localhost called when ejabberd needs some authentication. – Abhinav Singh May 28 '11 at 08:16
  • 1
    My answer 2) will allow you to do that. Write a module that implements the `ejabberd_auth` interface but internally makes calls to your app's code through some message - you could even use `rpc:call/4` if you want. – Dan May 28 '11 at 15:27
  • ultimately i think best way to go forward is indeed ejabberd_auth_myway.erl - Using rpc:call/4 again indeed is helpful (make sure ejabberd erlang cookie is synced with your running app cookie) – Abhinav Singh May 29 '11 at 15:43
  • In the interest of full disclosure, I am now using `extauth` myself for my own application. My excuse, though, is that the auth code is in Java. If it were in Erlang I'd still follow the approach I recommend above. – Dan Aug 02 '11 at 04:51
  • Hi Dan, i m no longer using extauth script. Instead i have written ejabberd_auth_myapp.erl which now talks to my running application whenever auth is required. – Abhinav Singh Aug 02 '11 at 12:12
  • That's good news. In my case I'm considering using JInterface to provide a layer of separation so that the Ejabberd specific details are all in Erlang. I have concerns about `extauth` from a stability standpoint – Dan Aug 02 '11 at 14:10