diff options
author | Ben Langfeld <ben@langfeld.me> | 2015-04-08 22:21:09 -0300 |
---|---|---|
committer | Ben Langfeld <ben@langfeld.me> | 2015-05-06 14:12:15 -0300 |
commit | 917d48f30bca65f984c4e1305eefe7266097ff65 (patch) | |
tree | 390c7a48debfc9ee47f3c78c4fc079c003a463b6 /src/ejabberd_web_admin.erl | |
parent | Remove commented code (diff) |
Use SASL PLAIN authzid as client identity if auth module permits it
This allows the authentication modules to perform SASL proxy authentication. It puts the onus on them to authorize the authcid to masquerade as the authzid. Doesn't currently implement such functionality in existing auth modules, since they cannot currently codify a relationship between the two identities. Does not permit the authzid to use a domain differently from the one of the connection.
Note: digest might not work, but I have no interest in it, being deprecated.
Diffstat (limited to 'src/ejabberd_web_admin.erl')
-rw-r--r-- | src/ejabberd_web_admin.erl | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/ejabberd_web_admin.erl b/src/ejabberd_web_admin.erl index 29ecb734..7cf15210 100644 --- a/src/ejabberd_web_admin.erl +++ b/src/ejabberd_web_admin.erl @@ -263,7 +263,7 @@ get_auth_admin(Auth, HostHTTP, RPath, Method) -> get_auth_account(HostOfRule, AccessRule, User, Server, Pass) -> - case ejabberd_auth:check_password(User, Server, Pass) of + case ejabberd_auth:check_password(User, <<"">>, Server, Pass) of true -> case is_acl_match(HostOfRule, AccessRule, jlib:make_jid(User, Server, <<"">>)) |