Authenticating SHA-1 and Second Database


Is there a way to set OPF to use SHA-1 auth digest for the XMPP protocol? Where does the Jabber client supplied password check happen?


I I have a second database that keeps member login password as a SHA-1 digest, and wondered if there is a way to validate the login password against it?



I did see this:


‘…Authentication is the process of verifying a user. Custom authentication implementations can be created by extending the {@link org.jivesoftware.openfire.auth.AuthProvider} interface.’

Another question is what’s being provided by the Jabber client, but it looks the clients have a handler for SHA1 digest. It also looked like a session ID gets used as part of the digest response.


Looks like this may have an answer, ‘This document provides instructions for integrating Openfire authentication, users, and groups with your custom database tables.’ ration-guide.html

Sure does work, and am now authenticating against our web database, which is Oracle (cough : D) and SHA1. All I can say is WOOT.