[prev in list] [next in list] [prev in thread] [next in thread]
List: jabber-jadmin
Subject: [jadmin] realm question (?)
From: <ktolis () ccf ! auth ! gr>
Date: 2005-08-26 13:31:36
Message-ID: 8dc9ba686fc262600d71e99c29a21bfe () ccf ! auth ! gr
[Download RAW message or body]
Hi to the list,
this is my first post so please be gentle :)
I don't know if this is the correct list to post this question, so if
it isn't please forward me to the correct one.
I have set up a jabber server (jabberd2) on a gentoo box. Users can
login and chat without problems. The backend authenticates via openldap
with tls enabled and the storage is on a mysql db. Users can login only
via ssl. All is fine so far.
At the c2s.xml I configured the id to be myhost.mydomain.gr and this is
also the default realm as noted at the documentation. All users can
login using their <username>@test.ccf.auth.gr
The institution I am working at has multiple domains. I need now to
enable everyone to authenticate using as their JID their original
e-mail and not this hosts' name. So for example I need to login as :
ktolis@ccf.auth.gr although the host name is still test.ccf.auth.gr. I
am using Gush so I request it to not autodetect the server name via the
JID. Although it tries to login it disconnects. Switching on the debug
mode does not show even my username and this confused me a bit since if
it a routing problem at least it would show (or so I think) the userid
that requests the login. But maybe I am llooking in the wrong place.
I suppose the problem is in the setup of the c2s.xml file.
This is the excerpt from the c2s.xml file I that I think is relevant:
...
<local>
<id>test.ccf.auth.gr</id>
<id realm='ccf.auth.gr'>test.ccf.auth.gr</id>
...
...
<ldap>
...
<basedn realm='test.ccf.auth.gr'>o=auth,c=gr</basedn>
<basedn realm='ccf.auth.gr'>o=auth,c=gr</basedn>
<basedn>o=auth,c=gr</basedn>
</ldap>
Shouldn't this be enough?
as far as I understand it the <id realm> tag creates an alias. The
value of it is the actual location of the server that it will have to
relay the user from this realm. At the ldap section we have to attach
the realm we want to authenticate to the correct basedn. I know I am
missing something but I can't understand what.
Can someone be of assistance in this matter?
Apostolos Karakoussis
ktolis@ccf.auth.gr
_______________________________________________
jadmin mailing list
jadmin@jabber.org
http://mail.jabber.org/mailman/listinfo/jadmin
FAQ: http://www.jabber.org/about/jadminfaq.shtml
_______________________________________________
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic