powered by Jive Software

Authenticating against a 3rd-party API

I would like to have Spark clients authenticate with OpenFire by going against a 3rd-party API. That is, the user would type their 3rd-party username and password into Spark, along with my OpenFire domain. My customized OpenFire will pass the username and password to the 3rd-party API and attempt to login. If the login succeeds, then the Spark client will have a normal chat session established with OpenFire. The user will not have a user account in the OpenFire database – only at the 3rd-party.

From what I can tell, I need to implement an AuthProvider to do my 3rd-party API calls. Is there anything else I have to do? I recognize that this is similar to an LDAP authentication, but there are no groups. The LDAP integration seems much more complex than I would expect to need for my purposes. Are there other interfaces or classes that I need to provide? Will the session behave normally from this point forward?

Thank you,


I have determined that I need to also implement UserProvider.

The thing is, I don’t want to store the user’s 3rd-party username and password in my local database. So, how can I implement UserProvider without persisting the user’s third-party credentials?

Thanks for any advice!


you may want to take a look at org.jivesoftware.openfire.auth.NativeAuthProvider or JDBCAuthProvider - they do as far as I can tell not implemet a UserProvider. Openfire stores the user locally, it needs the local user to manager rosters, subscriptions, …


Thanks for the advice, LG. Unfortunately, both of the classes you mentioned contain this code:

UserManager userManager = UserManager.getInstance();

NativeUserProvider extends DefaultUserProvider, which is a pretty hefty default class that stores into the database. And JDBCUserProvider does, as well.

I’m curious if there is another AuthProvider you can point me to that truly doesn’t implement a UserProvider. This is a lot of code to grok, and I’m having a hard time figuring out how to extract what I want and leave out what I don’t without breaking OpenFire.