Home » ejabberd » Basic Ejabberd install/setup on ubuntu (External Script Authentication)

Basic Ejabberd install/setup on ubuntu (External Script Authentication)

In first article, I discussed the installation and normal chat with users registered internally. Now i am going to discuss the external authentication through a php script.

If you want to authenticate users via your database. their are two alternatives.
1. Using odbc, It have one restriction as its internal database have and that is password must be stored plain. (Latest version may not have this restriction.)
2. Using external authentication script. In this way you can authenticate user via a custom script. Here one good php script can be found there. https://github.com/deceze/ejabberd-extauth-PHP. Now download an extract in some location of your system (not necesarily on apache document root as it will working as cli script ).

Now first create a php script in same folder. I name it auth.php. This file should have similar code suggested at github page. I am updating it using some real query.



#!/usr/bin/php
require 'ejabberd_external_auth.php';
class Auth extends EjabberdExternalAuth {
    protected function authenticate($user, $server, $password) {
        $stmt = $this->db()->prepare("SELECT user_id FROM user WHERE username = ? AND password = ? ");
        $stmt->execute(array($user, password));
        if($stmt->rowCount() >= 0 )
        {
            return true;
        }
        else
        {
            return false;
        }
    }

    protected function exists($user, $server) {
        $stmt = $this->db()->prepare("SELECT user_id FROM user WHERE username = ? ");
        $stmt->execute(array($user));
        if($stmt->rowCount() >= 0 )
        {
            return true;
        }
        else
        {
            return false;
        }
    }
}
$pdo = new PDO('mysql:dbname=testdb;host=127.0.0.1', 'user', 'password');
new Auth($pdo, 'auth.log');

I skipped $server argument in query check as If you need only users for one chat server. If you need to handle multiple servers then you may need to change code to reflect server too in query.

Now comment internal auth_method by

%%{auth_method, internal}.

And uncomment, change the line

{auth_method, external}.
{extauth_program, "/path/to/auth.php"}.

gave executing permission to auth.php by chmod 0755 auth.php.

NOTE – As this script executed by ejabberd user created at time of ejabberd installation. So this script need execute permission for ejabberd. You may add ejabberd to your user’s group and gave group to execute permission or gave other to execute permission. In both case it is advisable to check execute file after login through other user.

Add chat users in your user table. You will also need admin user to add into your DB with same password to run admin console.

Now restart ejabberd. and verify by adding user at you jabber client. if it going failed. Then verify log file var/log/ejabberd.log. If file have error to not connecting. check php script again for any error.

Ejabberd default enabled MUC (multi user chat or several other modules ), So you can verify/use also this functionality too.

That’s all for this article, In next article I will discuss message logging.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s