Raymond Xiong wrote: > Two more notes on user authentication: > > 1) ejabberd also supports PAM authentication. So it is possible to > use UNIX accounts for ejabberd user authentication(though I don't think > this was recommended in its manual). For various reason, this feature > won't be supported in my package.
Actually that might be a much better idea because it opens up a lot of scope for better authentication. Given that Solaris invented PAM I find it very strange to integrate something that has PAM support available but to disable it. Running with PAM will, unfortunately, require that the daemon run with all privileges during authentication. I think unfortunately this case is getting to the point that it should come for full review (sadly it looked like it was converging). I'm not derailing yet but I might. -- Darren J Moffat
