Custom auth provider in a plugin

Hey,

If you don’t specify a hybrid auth provider then you’re using one provider only (your SSL one). So I think that admin user is trying to log in against the SSL provider and failing - maybe stick some logging in your plugin to verify this. So yeah - I think if you want an admin login to work using the username and password from the DB then you have to go Hybrid I’m afraid… but hopefully someone else is reading this that could clarify that : )

Well - after adding some logging I find that if you log into the admin console with user

admin@domain.com

What ends up in the backend is something that looks like this …

administrator\40prx.eng.westminster.polycom.com@prx.eng.westminster.polycom.com

= not gonna work

Drop the domain in the login and all is well.

Looks like I can put user authentication to bed

Mikey - thanks for all your help!
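Added example, not part of the original posts and not Openfire code: the `\40` in the logged name is the XEP-0106 JID escape for `@`, so a custom provider that wants to accept both `admin` and `admin@domain` can unescape the name and strip only the server's own domain before the database lookup. The class name, method names and the `example.org` domain are assumptions made for illustration.

```java
/** Constructed helper for a custom auth provider; not an Openfire class. */
public class LoginNameNormaliser {

    // XEP-0106 escape sequences and the characters they stand for.
    private static final String[][] ESCAPES = {
        {"\\20", " "}, {"\\22", "\""}, {"\\26", "&"}, {"\\27", "'"},
        {"\\2f", "/"}, {"\\3a", ":"}, {"\\3c", "<"}, {"\\3e", ">"},
        {"\\40", "@"}, {"\\5c", "\\"}
    };

    /** Single left-to-right pass, so "\5c40" decodes to "\40", not "@". */
    static String unescapeNode(String node) {
        StringBuilder out = new StringBuilder();
        int i = 0;
        while (i < node.length()) {
            String decoded = null;
            for (String[] e : ESCAPES) {
                if (node.startsWith(e[0], i)) { decoded = e[1]; break; }
            }
            if (decoded != null) { out.append(decoded); i += 3; }
            else { out.append(node.charAt(i)); i++; }
        }
        return out.toString();
    }

    /** Bare local username, or null when the name carries a foreign domain. */
    static String localUser(String login, String serverDomain) {
        String name = unescapeNode(login);
        int at;
        // Peel "@domain" suffixes only while they name this server.
        while ((at = name.lastIndexOf('@')) >= 0) {
            if (!name.substring(at + 1).equalsIgnoreCase(serverDomain)) return null;
            name = name.substring(0, at);
        }
        return name.isEmpty() ? null : name;
    }

    public static void main(String[] args) {
        String domain = "example.org"; // constructed server domain
        String[] samples = {           // constructed login names
            "admin", "admin@example.org",
            "admin\\40example.org@example.org", "admin\\40other.test@example.org"
        };
        for (String s : samples) {
            System.out.println(s + " -> " + localUser(s, domain));
        }
    }
}
```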

Thanks for all the help in here. I solved this problem by following your suggestions; here are my steps (forgive my poor English).

1. Insert the proper key-value pairs into the ofProperty database table, following the official documentation.

2. Write my own authProvider classes: infoair.obcs.auth.ObcsAuthProvider and infoair.obcs.auth.JDBCUserProvider.

Package the two classes in ObcsAuth.jar and put it in openfire/lib; it works. (The jar must include the package folders, /infoair/obcs/auth/ObcsAuthProvider.class, not only the class.)

3. Some things you may need to notice:

If your database uses MD5, Openfire supports MD5 in JDBCUserProvider, but it requires your MD5 passwords to be in lowercase letters. If your MD5 passwords are uppercase, you’ll have to write your own implementation.

If you want to do something else in the auth provider, for example look up a deptId from your own database there, you can’t just invoke your DAO from your plugin; it will cause an error: can’t find class. You can only move the whole DAO to live with the provider, or use the Openfire connection.

If you want to use the Openfire default connection, you can set this key-value: jdbcAuthProvider.useConnectionProvider true
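Added example, not part of the original post and not Openfire code: one way a custom provider's authenticate(username, password) could check a password against a stored MD5 hex digest regardless of letter case, using a constant-time comparison. The class name, method names and the sample password are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Locale;

/** Constructed helper for a custom auth provider; not an Openfire class. */
public class Md5HexCheck {

    /** Lowercase hex MD5 of the supplied password. */
    static String md5Hex(String password) throws NoSuchAlgorithmException {
        byte[] digest = MessageDigest.getInstance("MD5")
                .digest(password.getBytes(StandardCharsets.UTF_8));
        StringBuilder sb = new StringBuilder(digest.length * 2);
        for (byte b : digest) {
            sb.append(String.format("%02x", b));
        }
        return sb.toString();
    }

    /** True if the stored digest, in either hex case, matches the password. */
    static boolean matches(String password, String storedHex)
            throws NoSuchAlgorithmException {
        if (password == null || storedHex == null) return false;
        String normalised = storedHex.trim().toLowerCase(Locale.ROOT);
        // Reject anything that is not a 32-digit hex string before comparing.
        if (!normalised.matches("[0-9a-f]{32}")) return false;
        byte[] expected = normalised.getBytes(StandardCharsets.US_ASCII);
        byte[] actual = md5Hex(password).getBytes(StandardCharsets.US_ASCII);
        // MessageDigest.isEqual compares in constant time.
        return MessageDigest.isEqual(expected, actual);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample rows: the same digest stored in both cases.
        String lower = md5Hex("secret");
        String upper = lower.toUpperCase(Locale.ROOT);
        System.out.println("lowercase row: " + matches("secret", lower));
        System.out.println("uppercase row: " + matches("secret", upper));
        System.out.println("wrong password: " + matches("Secret", upper));
        System.out.println("malformed row: " + matches("secret", "not-a-digest"));
    }
}
```

In a provider, a false result from matches would be turned into the UnauthorizedException that authenticate throws.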

Hello guys

I created a custom auth provider with hybrid authentication and it works fine.

But in the case that the user is not authenticated I would like to send a piece of information to the client (the reason why it is not authenticated). I put this message in the UnauthorizedException message, but it seems that it is not sent to the client!

How can I send back customized piece of info to the client in the case it is not authenticated?

Thanks

Any idea about my problem here?!

Your question is not about custom auth providers; it is about returning information upon login error conditions to clients. If I were you I’d open a new discussion chain about returning error information to the client and your specific use of the UnauthorizedException message for further help.

Hi,

I have implemented the custom JDBCAuthProvider.java.

  • I am able to log in to the admin console - it just works fine

Now, I have another application running in production. I want to call a method which is in the production environment (that method will authenticate the user and password and return success if authentication succeeds, else return an error message) to complete the authentication. (Here, I don’t save the password in the DB. It is a session ID of a user in the production environment.) Now, authenticate(username, password) of the custom JDBCAuthProvider.java is not getting invoked when I try to log in through the client (I am using Strophe “HTTP Binding” for my client) so that I could call the production class.

Could anyone please help me with how to invoke the class which is in the production environment from JDBCAuthProvider.java (or any other Openfire class)?

Thanks,

Rajeev

I think you need to use the hybrid auth provider. See

http://www.igniterealtime.org/builds/openfire/docs/latest/documentation/javadoc/org/jivesoftware/openfire/auth/HybridAuthProvider.html

Yes, You are right…

It is working fine now…

Thank you,

Rajeev

I know this is an old question but I wanted to answer it with my solution in case anyone else stumbles across this forum like I did. I wanted to include my AuthProvider as part of my Plugin instead of creating a separate jar file that had to be installed separately. Loading everything in the plugin jar via the admin console seemed like a much cleaner solution for people using the plugin.

As several other people mentioned, Plugins are not included in the classpath of core openfire class loaders during startup. Even setting “provider.auth.className” in the Plugin initializer fails because it is not included in the classpath. However, if you import the auth class and create an instance of that class before setting the ‘provider.auth.className’ it will work correctly:

// Create an instance of the provider first, then register its class name.
MyAuthProvider foo = new MyAuthProvider();
JiveGlobals.setProperty("provider.auth.className", foo.getClass().getName());

I also had to add an empty constructor for my AuthProvider class but this seems to work fine.

When Openfire starts it will initially fail to find my class and revert to the default AuthProvider but as soon as my plugin loads it changes the auth class to mine again. This is a very short delay and it also has the advantage of automatically reverting Openfire to its default auth provider if the plugin is deleted.

It might not be an optimal solution so I’ll update this forum if I find problems with more extensive testing.

6 Likes

Dear Patrick,

Thank you very much for sharing your experience with us.

Your suggestion works like a charm.

For me it was not necessary to have an empty constructor for MyAuthProvider and it works very well.

+1

How to create a custom auth provider? I am new to Java.