diff options
Diffstat (limited to 'doc/guide.tex')
| -rw-r--r-- | doc/guide.tex | 41 |
1 files changed, 38 insertions, 3 deletions
diff --git a/doc/guide.tex b/doc/guide.tex index 44e8a3af8..9463d57aa 100644 --- a/doc/guide.tex +++ b/doc/guide.tex @@ -1187,8 +1187,7 @@ for user authentication. The syntax is: The following authentication methods are supported by \ejabberd{}: \begin{itemize} \item internal (default) --- See section~\ref{internalauth}. -\item external --- There are \footahref{http://www.ejabberd.im/extauth}{some - example authentication scripts}. +\item external --- See section~\ref{extauth}. \item ldap --- See section~\ref{ldap}. \item odbc --- See section~\ref{mysql}, \ref{pgsql}, \ref{mssql} and \ref{odbc}. @@ -1196,7 +1195,7 @@ The following authentication methods are supported by \ejabberd{}: \item pam --- See section~\ref{pam}. \end{itemize} -Account creation is only supported by internal and odbc methods. +Account creation is only supported by internal, external and odbc methods. \makesubsubsection{internalauth}{Internal} \ind{internal authentication}\ind{Mnesia} @@ -1218,6 +1217,42 @@ Examples: \end{verbatim} \end{itemize} +\makesubsubsection{extauth}{External Script} +\ind{external authentication} + +In this authentication method, when \ejabberd{} starts, +it start a script, and calls it to perform authentication tasks. + +The server administrator can write the external authentication script +in any language. +The details on the interface between ejabberd and the script are described +in the \term{ejabberd Developers Guide}. +There are also \footahref{http://www.ejabberd.im/extauth}{several example authentication scripts}. + +These are the specific options: +\begin{description} + \titem{\{extauth\_program, PathToScript\}} + Indicate in this option the full path to the external authentication script. + The script must be executable by ejabberd. + + \titem{\{extauth\_cache, false|CacheTimeInteger\}} + The value \term{false} disables the caching feature, this is the default. + The integer \term{0} (zero) enables caching for statistics, but doesn't use that cached information to authenticate users. + If another integer value is set, caching is enabled both for statistics and for authentication: + the CacheTimeInteger indicates the number of seconds that ejabberd can reuse + the authentication information since the user last disconnected, + to verify again the user authentication without querying again the extauth script. + Note: caching should not be enabled in a host if internal auth is also enabled. + If caching is enabled, \term{mod\_last} or \term{mod\_last\_odbc} must be enabled also in that vhost. +\end{description} + +This example sets external authentication, the extauth script, and enables caching for 10 minutes: +\begin{verbatim} +{auth_method, [external]}. +{extauth_program, "/etc/ejabberd/JabberAuth.class.php"}. +{extauth_cache, 600}. +\end{verbatim} + \makesubsubsection{saslanonymous}{SASL Anonymous and Anonymous Login} \ind{sasl anonymous}\ind{anonymous login} |