Help needed to write Custom auth provider in a plugin

This article ( http://community.igniterealtime.org/thread/18930 ) mentions some really good work regarding a Custom Auth plugin. I too am looking for a similar solution, where I would be able to authenticate users based on my business requirement. Can someone please point me to a good document that shows how to write a Custom Auth plugin and the steps to configure the system to use it? Thank you!

The javadoc of AuthProvider.java should be enough to write a custom auth provider. Also, the source code contains some auth providers, so it is easy to write and use one.

Hi LG,

Actually I had already started in that direction. Here are a few things I did, but I’m not getting the expected results. I must have done something wrong.

  • I created a new class XyzAuth that implements org.jivesoftware.openfire.auth.AuthProvider

  • Compiled the code, created jar file and copied it to Openfire/lib dir.

  • Just to check if things get loaded as expected, I added some Info level Loggings to all methods.

  • Next I updated the conf/openfire.xml with:

com.xyz.openfire.xyzauth

  • From the Openfire admin UI, changed: provider.auth.className=com.xyz.openfire.xyzauth

  • Restarted the openfire service from command line.

I was expecting to see loggings in the log file, but it is all empty. Also, I was expecting the user sign-in would fail (sign-in from clients like ichat) since I changed the auth provider, but users are able to sign-in successfully.

Note: Next I checked conf/openfire.xml and found the className section that I added earlier was missing. All it had was:

Thx again.
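A check for the situation described above, where a configured provider class appears not to load: confirm that the name set in provider.auth.className exists in the jar with exactly that spelling, since Java class names are case-sensitive. This is an added example, not part of the original posts; the jar is constructed in memory, the function names are hypothetical, and placing class XyzAuth in package com.xyz.openfire is an assumption.

```python
import io
import zipfile


def class_entry(class_name):
    """Map a fully qualified class name to its entry path inside a jar."""
    return class_name.replace(".", "/") + ".class"


def check_provider_class(jar, configured):
    """Check whether `configured` resolves in the jar (path or file-like object).

    Returns the exact-match result plus any classes whose names differ from
    the configured value only by letter case.
    """
    wanted = class_entry(configured)
    with zipfile.ZipFile(jar) as zf:
        entries = [n for n in zf.namelist() if n.endswith(".class")]
    near = [n for n in entries if n.lower() == wanted.lower() and n != wanted]
    return {
        "configured": configured,
        "exact_match": wanted in entries,
        "case_mismatch": [n[: -len(".class")].replace("/", ".") for n in near],
    }


def build_sample_jar():
    """Constructed jar holding one placeholder class file (assumed package)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        zf.writestr("com/xyz/openfire/XyzAuth.class", b"\xca\xfe\xba\xbe")
    buf.seek(0)
    return buf


if __name__ == "__main__":
    # Compare the value from the post's configuration with the class name.
    for name in ("com.xyz.openfire.xyzauth", "com.xyz.openfire.XyzAuth"):
        result = check_provider_class(build_sample_jar(), name)
        if result["exact_match"]:
            print(f"{name}: found in jar")
        elif result["case_mismatch"]:
            print(f"{name}: not found; differs only by case from "
                  f"{', '.join(result['case_mismatch'])}")
        else:
            print(f"{name}: not found in jar")
```

To check a real build, pass the path of the jar copied into the Openfire lib directory instead of the constructed sample.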

Maybe setting the provider.auth.className to a custom class was not the right thing to do. So I changed the settings to:

provider.auth.className = org.jivesoftware.openfire.auth.HybridAuthProvider

hybridAuthProvider.primaryProvider.className = org.jivesoftware.openfire.auth.DefaultAuthProvider

hybridAuthProvider.secondaryProvider.className = org.jivesoftware.openfire.auth.NativeAuthProvider

hybridAuthProvider.tertiaryProvider.className = com.xyz.openfire.xyzauth

hybridAuthProvider.primaryProvider.overrideList = admin,u1

hybridAuthProvider.secondaryProvider.overrideList = admin,u1

Now I tried authentication with user u2, but it is still not hitting the tertiaryProvider class (I don’t see any logging).

Any idea what I am doing wrong here?

Finally I got it working with the HybridAuthProvider. However there is a small problem.

I’m now authenticating users from a different table; the user ID being authenticated is not present in the ofUser table. Because of that, sign-in gets rejected with this error:

org.jivesoftware.openfire.net.SASLAuthentication - User Login Failed. PLAIN authentication failed for: null

However, if I add the user ID to the ofUser table, even with null passwords, authentication succeeds (the authentication logic now checks different tables).

I’m trying to look at the source code to figure out where else ofUser is being referenced from, but I think there might be a way to override this from the config file.

Any suggestions?

Hi @devopensource, could you please explain making the JAR file?