| Author |
Message |
|
| Guest |
 Posted: Thu Sep 07, 2006 9:19 am |
 |
|
|
Guest
|
|
| Back to top |
|
| Guest |
| Posted: Thu Sep 07, 2006 11:01 am |
|
|
|
Guest
|
On 9/7/06, Elijah Alcantara <elijah.alcantara@gmail.com> wrote:
> Hi,
>
> Ejabberd works great with the default mysql.sql but ...
>
> I would like to use a different field name for users in mysql, is that
> possible?
Yes, it is possible.
You need to change filed names in ejabberd_auth_odbc.erl and rebuild ejabberd.
Or you may use external auth script, if it will fit all your needs.
>
> someone already suggested a custom auth script here
> http://ejabberd.jabber.ru/node/895?time=1157617904 but I didn't really
> understand how this can use a different field name rather than the
> default 'users' ...
--
Alexej Bestchiokov
EMail/JID: proforg@maloletka.ru
phone: +7 495 7853149
_______________________________________________
ejabberd mailing list
ejabberd@jabber.ru
http://lists.jabber.ru/mailman/listinfo/ejabberd
Post recived from mailinglist |
|
|
| Back to top |
|
| Guest |
| Posted: Fri Sep 08, 2006 1:02 am |
|
|
|
Guest
|
|
| Back to top |
|
| Guest |
| Posted: Fri Sep 08, 2006 2:41 pm |
|
|
|
Guest
|
On 9/8/06, Elijah Alcantara <elijah.alcantara@gmail.com> wrote:
> I found this script:
> http://ejabberd.jabber.ru/files/efiles/check_mysql.php.txt
> but can't see any field names for vcard or roster, how do I use this?
Oh well  External auth script take care only about authorization -
not vcard / roster / etc.
vcards, offline messages, roster and roster groups are stored either
in internal mnesia database, or in external one using odbc/native db
connectors.
If you want change field/table names for theese tables - you need to
patch corresponding *_odbc.erl files. (or even if u dont want to
change names but want to store more than 1 virtual domain data in
single database  )
However, code is quite simple and such changes easy to implement
--
Alexej Bestchiokov
EMail/JID: proforg@maloletka.ru
phone: +7 495 7853149
_______________________________________________
ejabberd mailing list
ejabberd@jabber.ru
http://lists.jabber.ru/mailman/listinfo/ejabberd
Post recived from mailinglist |
|
|
| Back to top |
|
| Guest |
| Posted: Fri Sep 08, 2006 2:52 pm |
|
|
|
Guest
|
|
| Back to top |
|
| Guest |
| Posted: Fri Sep 08, 2006 5:41 pm |
|
|
|
Guest
|
|
| Back to top |
|
| Guest |
| Posted: Fri Sep 08, 2006 6:59 pm |
|
|
|
Guest
|
|
| Back to top |
|
| Guest |
| Posted: Sat Sep 09, 2006 3:42 pm |
|
|
|
Guest
|
Hi,
Am Freitag, den 08.09.2006, 22:58 +0400 schrieb proforg:
> > Are there people that know if this is possible in other supported databases
> > (preferably with an URL to documentation)? I might write a comment for the
> > guide about this.
>
> MySQL since 5.0.1 support updatable views
> http://dev.mysql.com/doc/refman/5.0/en/create-view.html
> Actually there are some limitations, not all views are updatable.
> Rules are more powerfull tool but not supported in MySQL, afaik.
I don't know PostgreSQL very well but it seems to me that Triggers have
a similiar concept as Rules in PostgreSQL. With a trigger it is possible
to define an action on a decent event like UPDATE or DELETE. This is
supported in MySQL 5.0 and really worth giving it a try. But one thing
on Ejabberd annoys me since a long time: why aren't the passwords
internally hashed? That's so weird, I don't understand why there is a
software in 2006 where passwords are stored in cleartext. Any chance to
change this behaviour?
Greets, Lars
--
"Kriterium des Wahren ist nicht seine unmittelbare
Kommunizierbarkeit an jedermann"
-- Theodor Wiesengrund Adorno, aus: »Negative Dialektik«
name: Lars H. Strojny web: http://strojny.net
street: Engelsstraße 23 blog: http://usrportage.de
city: D-51103 Köln mail/jabber: lars@strojny.net
f-print: 1FD5 D8EE D996 8E3E 1417 328A 240F 17EB 0263 AC07
Post recived from mailinglist |
|
|
| Back to top |
|
| Guest |
| Posted: Sat Sep 09, 2006 4:28 pm |
|
|
|
Guest
|
Hi Lars,
Lars Strojny wrote:
> .....But one thing
> on Ejabberd annoys me since a long time: why aren't the passwords
> internally hashed? That's so weird, I don't understand why there is a
> software in 2006 where passwords are stored in cleartext. Any chance to
> change this behaviour?
Is MD5 supported across most ODBC databases? I know MySQL does.
Cheers,
Dan.
_______________________________________________
ejabberd mailing list
ejabberd@jabber.ru
http://lists.jabber.ru/mailman/listinfo/ejabberd
Post recived from mailinglist |
|
|
| Back to top |
|
| Guest |
| Posted: Sat Sep 09, 2006 4:46 pm |
|
|
|
Guest
|
Hi Dan,
it's really wicked to here from you also on the weekend  , but:
Am Samstag, den 09.09.2006, 18:29 +0200 schrieb Daniel Bartlett:
[...]
> Lars Strojny wrote:
> > .....But one thing
> > on Ejabberd annoys me since a long time: why aren't the passwords
> > internally hashed? That's so weird, I don't understand why there is a
> > software in 2006 where passwords are stored in cleartext. Any chance to
> > change this behaviour?
>
> Is MD5 supported across most ODBC databases? I know MySQL does.
I think that's not really relevant, since Ejabberd should do the
hashing. ODBC support VARCHAR-like fields, which means, you can store a
string there and so on a MD5-hash. Ejabberd does the hashing and asks
the DB "Hey, does your string look like my string?"
Greets, Lars
--
"Kriterium des Wahren ist nicht seine unmittelbare
Kommunizierbarkeit an jedermann"
-- Theodor Wiesengrund Adorno, aus: »Negative Dialektik«
name: Lars H. Strojny web: http://strojny.net
street: Engelsstraße 23 blog: http://usrportage.de
city: D-51103 Köln mail/jabber: lars@strojny.net
f-print: 1FD5 D8EE D996 8E3E 1417 328A 240F 17EB 0263 AC07
Post recived from mailinglist |
|
|
| Back to top |
|
| Guest |
| Posted: Sat Sep 09, 2006 5:04 pm |
|
|
|
Guest
|
Hi Lars,
Lars Strojny wrote:
> it's really wicked to here from you also on the weekend , but:
Hehe.
> I think that's not really relevant, since Ejabberd should do the
> hashing. ODBC support VARCHAR-like fields, which means, you can store a
> string there and so on a MD5-hash. Ejabberd does the hashing and asks
> the DB "Hey, does your string look like my string?"
Good point. Then I guess a simple modification to ejabberd_auth.erl
using erlang:md5(Password) might do the trick.
Cheers,
Dan.
_______________________________________________
ejabberd mailing list
ejabberd@jabber.ru
http://lists.jabber.ru/mailman/listinfo/ejabberd
Post recived from mailinglist |
|
|
| Back to top |
|
| Guest |
| Posted: Sat Sep 09, 2006 5:07 pm |
|
|
|
Guest
|
|
| Back to top |
|
| Guest |
| Posted: Sat Sep 09, 2006 5:21 pm |
|
|
|
Guest
|
On 9/9/06, Lars Strojny <lars@strojny.net> wrote:
> Hi,
<skipped>
> supported in MySQL 5.0 and really worth giving it a try. But one thing
> on Ejabberd annoys me since a long time: why aren't the passwords
> internally hashed? That's so weird, I don't understand why there is a
> software in 2006 where passwords are stored in cleartext. Any chance to
> change this behaviour?
If ejabberd stored hashed passwords it would be impossible to use
secure authentication over unencrypted user connection. Passwords
would have to be sent over the network in cleartext. So, I guess
ejabberd will not hash passwords in the database. You may use your own
password database and use external authentication script (but remember
about passwords on the network).
--
Sergei Golovan
_______________________________________________
ejabberd mailing list
ejabberd@jabber.ru
http://lists.jabber.ru/mailman/listinfo/ejabberd
Post recived from mailinglist |
|
|
| Back to top |
|
| Guest |
| Posted: Sat Sep 09, 2006 9:15 pm |
|
|
|
Guest
|
On Sat, Sep 09, 2006 at 09:21:18PM +0400, Sergei Golovan wrote:
> On 9/9/06, Lars Strojny <lars@strojny.net> wrote:
> >Hi,
>
> <skipped>
>
> >supported in MySQL 5.0 and really worth giving it a try. But one thing
> >on Ejabberd annoys me since a long time: why aren't the passwords
> >internally hashed? That's so weird, I don't understand why there is a
> >software in 2006 where passwords are stored in cleartext. Any chance to
> >change this behaviour?
>
> If ejabberd stored hashed passwords it would be impossible to use
> secure authentication over unencrypted user connection. Passwords
You mean with SASL DIGEST authentication? The RFC for it discusses
exactly what you should do to store hashed passwords (actually, a hash
of user name, realm and password, which is more effective). This gives
you the best of both worlds: you never explicitly give the password when
authenticating, and the server doesn't store it explicitly either.
Brian
_______________________________________________
ejabberd mailing list
ejabberd@jabber.ru
http://lists.jabber.ru/mailman/listinfo/ejabberd
Post recived from mailinglist |
|
|
| Back to top |
|
| Guest |
| Posted: Sat Sep 09, 2006 9:34 pm |
|
|
|
Guest
|
> I don't know PostgreSQL very well but it seems to me that Triggers have
> a similiar concept as Rules in PostgreSQL. With a trigger it is possible
> to define an action on a decent event like UPDATE or DELETE. This is
> supported in MySQL 5.0 and really worth giving it a try.
Both mysql and pgsql support triggers But in pgsql you can create
rules (triggers) on view. In mysql afaik there are no ways to create
trigger on view, so view should be updatable, which is not always
possible
> But one thing
> on Ejabberd annoys me since a long time: why aren't the passwords
> internally hashed? That's so weird, I don't understand why there is a
> software in 2006 where passwords are stored in cleartext. Any chance to
> change this behaviour?
Probably no. You need to have cleartext passwords for digest authentication.
--
Alexej Bestchiokov
EMail/JID: proforg@maloletka.ru
phone: +7 495 7853149
_______________________________________________
ejabberd mailing list
ejabberd@jabber.ru
http://lists.jabber.ru/mailman/listinfo/ejabberd
Post recived from mailinglist |
|
|
| Back to top |
|
|
|
Digg It
Del.icio.us
Reddit
Facebook
Stumble Upon
Technorati
