powered by Jive Software

PAM how to guide

This is for debian install, but you can use for many installs.

Install openfire and configure normally.

in the OS…

#useradd admin

#passwd admin

Put the same passwd that you put in Openfire admin web…

cd /usr/share/openfire/lib (or you lib of openfire)

wget https://maven.atlassian.com/public/com/cenqua/shaj/shaj/0.5/shaj-0.5.jar

cd /tmp

wget openfire_3_6_3.tar.gz

unzip a get the file openfire/resources/nativeAuth/linux-i386/libshaj.so

copy to /usr/share/openfire/lib

create the autentication for pam

cat /etc/pam.d/openfire

auth required pam_unix.so nullok_secure

Modify openfire to use NativeAuth.

in AdminWeb http://127.0.0.1:9090/server-properties.jsp

modify:

nativeAuth.domain=openfire

provider.auth.className=org.jivesoftware.openfire.auth.NativeAuthProvider
provider.user.className=org.jivesoftware.openfire.user.NativeUserProvider

the last step. must modify the group of openfire user to use PAM auth with all users: if not use this only can use one user “openfire”… this is for authenticate all users.

modify the group of the openfire user to shadow:

usermod -g shadow openfire

modify the “/etc/init.d/openfire” <- be sure that openfire start in the group shadow

the lines…

start() {
start-stop-daemon --start --quiet --background --make-pidfile
–pidfile /var/run/$NAME.pid --chuid openfire:shadow
–exec $JAVA – $DAEMON_OPTS
}

See, put the shadow group!!!

regards!

I setup success pam with openfire.

You can find shaj-0.5.jar from jirutka’s github

or my github

Guide Setup

BUILD shaj-0.5.jar

  • sudo apt-get install ant

  • cp -rf shaj-master ~/

  • cd ~/shaj-master

  • ant dist

  • cp -rf shaj-master/build/shaj-0.5.jar /opt/openfire/lib/
    BUILD libshaj.so

  • cd ~/shaj-master/src/c/

  • export JAVA_HOME=/usr/lib/jvm/java-7-oracle

  • make clean

  • make

  • cp -rf ~/shaj-master/src/c/libshaj.so /opt/openfire/lib/

  • cp -rf ~/shaj-master/src/c/libshaj.so /usr/lib/

  • sudo nano /etc/pam.d/openfire

    • auth required pam_unix.so nullok_secure
      CONFIG Openfire use NativeAuthProvider Open Server->Server Manager->System Properties
  • nativeAuth.domain=openfire

  • provider.auth.className=org.jivesoftware.openfire.auth.NativeAuthProvider

  • provider.user.className=org.jivesoftware.openfire.user.NativeUserProvider

  • admin.authorizedJIDs=admin@mycompany

  • xmpp.domain=mycompany