Can I instruct the jabber / xmpp server to delegate authentication to another module? We are building an internal application using XMPP, and it would be great if we could allow users to keep their default username / password that they use in our web applications. Currently, web applications use hashing passwords, so passwords in the database are not saved in text form. It would be easy to split passwords across systems if it werenβt, but then of course storing plaintext passwords in a server-side database is a big no-no.
Ideally, we could just tell the jabber server βhey, just let go of your username / authentication request hereβ and some other process (maybe even just the xmpp bit?) That handles authentication.
We are currently using ejabberd as our server, which I believe is written in Erlang. However, we are not attached to edgabird. I know that XMPP is huge and highly extensible - but I haven't found anything about extensible server-side authentication.
I found this one on the XMPP website, but it seems to be a protocol for negotiating authentication between client and server, not the actual authentication mechanism on the server.
Any pointers on how to combine authentication schemes between the XMPP server and our other systems?
source
share