Re: Associate different IPs/domains with different authentication methods?
Thanks Tomasz. Thats great to hear, finally a server with this functionality :) I'm currently reading the documentation/playing around with Jabberd2. I haven't(yet) come accross how to do it, could you possibly give a brief explanation or point me to some documentation that shows how/an example? Thanks, Wayne On Wed, Dec 2, 2009 at 8:58 PM, Tomasz Sterna to...@xiaoka.com wrote: Dnia 2009-12-02, śro o godzinie 13:18 +, Wayne Mac Adams pisze: I've been looking at various XMPP servers and I am trying to find one that is flexible in the authentication methods it offers to different IPs/domains. For example, my XMPP server requires other XMPP Servers to encrypt using SSL and to authenticate using SASL DIGEST-MD5 or SASL GSSAPI. However as an admin, I fully trust the XMPP server A.com and I want to allow it to connect with no security, say via Server Dialback, or using SASL ANONYMOUS or EXTERNAL. However perhaps I also trust another Server B.com but I am worried about eavesdropping between servers, so I require B.com to connect via Server Dialback and SSL. Does Jabberd2 allow this kind of authentication/IP filtering? You may setup different C2S and S2S instances for different domain/IP, each configured differently. This will allow for total control over the domain/IP authentication options. -- Tomasz Sterna Instant Messaging EDI Consultant Open Source Developer http://tomasz.sterna.tv/ http://www.xiaoka.com/ -- To unsubscribe send a mail to jabberd2+unsubscr...@lists.xiaoka.comjabberd2%2bunsubscr...@lists.xiaoka.com
Re: Associate different IPs/domains with different authentication methods?
Dnia 2009-12-03, czw o godzinie 16:10 +, Wayne Mac Adams pisze: I haven't(yet) come accross how to do it, could you possibly give a brief explanation or point me to some documentation that shows how/an example? jabberd2 is a bunch of cooperating processes: c2s- accepts user connections and authenticates users sm - handles jabberd domain services s2s- handles inter-domain connections (connects other servers) router - binds the above processes together You may run several c2s processes with different configuration files: /usr/sbin/c2s -c /etc/jabberd2/c2s-domain1.xml /usr/sbin/c2s -c /etc/jabberd2/c2s/domain2.xml etc. all connected to the same router process. Similarly for sm and s2s processes. -- Tomasz Sterna Instant Messaging EDI Consultant Open Source Developer http://tomasz.sterna.tv/ http://www.xiaoka.com/ -- To unsubscribe send a mail to jabberd2+unsubscr...@lists.xiaoka.com
Re: Associate different IPs/domains with different authentication methods?
Thats what I was thinking(but that could become quite resource heavy depending in the number of IPs/domains you want to cater for?). But then how can you direct certain IPs to use certain s2s processes? If IP 1.2.3.4 how could you direct it to the corresponding s2s? Somwhere in router.xml? Thanks for you help, Wayne On Thu, Dec 3, 2009 at 8:16 PM, Tomasz Sterna to...@xiaoka.com wrote: Dnia 2009-12-03, czw o godzinie 16:10 +, Wayne Mac Adams pisze: I haven't(yet) come accross how to do it, could you possibly give a brief explanation or point me to some documentation that shows how/an example? jabberd2 is a bunch of cooperating processes: c2s- accepts user connections and authenticates users sm - handles jabberd domain services s2s- handles inter-domain connections (connects other servers) router - binds the above processes together You may run several c2s processes with different configuration files: /usr/sbin/c2s -c /etc/jabberd2/c2s-domain1.xml /usr/sbin/c2s -c /etc/jabberd2/c2s/domain2.xml etc. all connected to the same router process. Similarly for sm and s2s processes. -- Tomasz Sterna Instant Messaging EDI Consultant Open Source Developer http://tomasz.sterna.tv/ http://www.xiaoka.com/ -- To unsubscribe send a mail to jabberd2+unsubscr...@lists.xiaoka.comjabberd2%2bunsubscr...@lists.xiaoka.com
Re: Associate different IPs/domains with different authentication methods?
Dnia 2009-12-02, śro o godzinie 13:18 +, Wayne Mac Adams pisze: I've been looking at various XMPP servers and I am trying to find one that is flexible in the authentication methods it offers to different IPs/domains. For example, my XMPP server requires other XMPP Servers to encrypt using SSL and to authenticate using SASL DIGEST-MD5 or SASL GSSAPI. However as an admin, I fully trust the XMPP server A.com and I want to allow it to connect with no security, say via Server Dialback, or using SASL ANONYMOUS or EXTERNAL. However perhaps I also trust another Server B.com but I am worried about eavesdropping between servers, so I require B.com to connect via Server Dialback and SSL. Does Jabberd2 allow this kind of authentication/IP filtering? You may setup different C2S and S2S instances for different domain/IP, each configured differently. This will allow for total control over the domain/IP authentication options. -- Tomasz Sterna Instant Messaging EDI Consultant Open Source Developer http://tomasz.sterna.tv/ http://www.xiaoka.com/ -- To unsubscribe send a mail to jabberd2+unsubscr...@lists.xiaoka.com