I would like to write a custom authentication plugin for Openfire. I’d like to retrieve the user’s resource and do some checks on it. The idea is that a user can login with certain resources only, so I’d like to check that in the auth plugin. I have Openfire’s trunk & eclipse setup like in the turorial : http://www.igniterealtime.org/community/message/150674#150674
Eclise says that the ant file has syntax errors, but if I tell it to open it and then I double click on it it builds fine.
I’ve run it in debug mode already to see what was happening, but I still don’t get some things. I was wondering if anybody has some good likes on writing an auth plugin (tutorials/howtos, examples, posts, blogs, etc)?
Unfortunately you can’t write a custom authentication provider implemented as a plugin. Please see this thread for details.
Ok, so like the thread says, I have to create a separate jar and add it to lib, that’s fine I guess. So an AuthProvider is the only thing I need to implement?
After reading RFC3920 section 6 & 7, if I understand correctly first the authentication takes place and then the resource binding. Where does the resource binding take place?
I think that in reality it is the resource binding that I must implement, since I’d like to verify that the authenticated user has the right to access that resource. In the RFC they give the example of a multi-user chat room where the JID is (something like) : server@domain/nick, each user is a resource, I’d like something like this, it must be possible to do since a chatroom may verify that the user/resource has the right to login (I know there are maybe other ways to implement a chat room, but this example is closer to what I’d like to achieve).