I’m working on integrating Openfire with my custom project. I want to authenticate against Openfire user database, and possibly create new user accounts from my application. What is a better option: to dig for encryption algorithm Openfire uses to store passowrds, or develop my own auth provider for openfire? Please note that in the latter case I still need the ability to register new accounts from Openfire.
However, if you just want to authenticate and create new user accounts, it should be sufficient to read/write directly to your database. But be aware, that there are no “new user” (etc.) events are generated, which can confuse some of your plugins.
If you want more, e.g. create new shared groups or add users to groups, you need definitely to write a plugin that acts as interface to you application.
I’m not sure what you want to do, but I would say the existing providers are sufficient.
Inside a plugin you can create new users using method UserManager.createUser. Inside this method all necessary events are fired. Also you can use class AuthFactory to retrieve users password.
Unfortunately, existing providers are not sufficent for me: DefaultAuthProvider uses either Blowfish-encrypted or plain-text passwords (my system uses md5 hashes).
One more thing is that my system is written in python, and I want to avoid writing extra java code.There’s no way of using AuthFactory from python code (AFAICS).
As @phearnot want to authenticate against Openfire user database. So he need to own AuthProvider implemenatation and creating and managing user from his database so he need to implement his own user provider sothat he can manage his own user data base
BTW, it appears that GroupProvider implementation is necessary to share groups among Openfire and my app. Is there any possibility to change Auth/User/Group provider at runtime (from a plugin, for instance), or such changes require server restart?
According to me these providers are loaded at bootstrap and only changes at runtime when we setup openfire server first time. but there is no option to specify to use our custom providers.
I am using my custom providers by manully editing the openfire.xml
like for to change custom Authprovider and UserProvider I made change asin openfire.xml :