Hi,
I would like to know if Openfire allows you to do this? For example, my opefire server requires other XMPP Servers to encrypt using SSL and to authenticate using SASL DIGEST-MD5 or SASL GSSAPI. However as an Openfire admin, I fully trust the XMPP server A.com and I want to allow it to connect with no security, say via Server Dialback, or using SASL ANONYMOUS or EXTERNAL. However perhaps I also trust another Server B.com but I am worried about eavesdropping between servers, so I require Server Dialback and SSL.
Can this kind of authentication/IP filtering be achieved in openfire? I have been looking around and can’t seem to find any documentation on this.
XEP-0178 does specify that if an XMPP server provides a valid certificate it should be allowed to authenticate via SASL ANONYMOUS, the server trying to connect should not be given the option of SASL ANONYMOUS if the certificate is invalid. Is this implemented in Openfire, again I can’t seem to find any documentation, does it happen in the background automatically or is it something the admin can control?
Any help is much appreciated,
Thanks