Associate different IPs/domains with different authentication methods?


I would like to know if Openfire allows you to do this? For example, my opefire server requires other XMPP Servers to encrypt using SSL and to authenticate using SASL DIGEST-MD5 or SASL GSSAPI. However as an Openfire admin, I fully trust the XMPP server and I want to allow it to connect with no security, say via Server Dialback, or using SASL ANONYMOUS or EXTERNAL. However perhaps I also trust another Server but I am worried about eavesdropping between servers, so I require Server Dialback and SSL.

Can this kind of authentication/IP filtering be achieved in openfire? I have been looking around and can’t seem to find any documentation on this.

XEP-0178 does specify that if an XMPP server provides a valid certificate it should be allowed to authenticate via SASL ANONYMOUS, the server trying to connect should not be given the option of SASL ANONYMOUS if the certificate is invalid. Is this implemented in Openfire, again I can’t seem to find any documentation, does it happen in the background automatically or is it something the admin can control?

Any help is much appreciated,


Anybody have an answer to this? Sorry for the bump but I need to find out.

My gut feeling is it is not possible… I can’t find any way of doing it.

and I’m not sure if XEP-0178 is implemented in Openfire yet…