I've created a JECL xdb component using an existing Sybase backend to replace the Jabber 1.4.2 xdb_file module. Everything seems to be working fine, but now I need to move it into production. While testing, I responded to all jabber:iq:auth requests with password 'password' to make my life easier. Now, I'm returning the actual passwords stored in the database. These passwords are not clear text, but crypted with a salt value. First off, oddly enough, it appears that I can continue to use the password 'password' successfully!? I think the authorization is really being handled by the jabber:iq:auth:0k response instead?
My assumption was that I would just need to modify some jsm auth module to crypt the clear text password passed by the client to see if it matches the crypted password returned by my xdb component for jabber:iq:auth. Is this true? If so, what module (mod_auth_plain, etc.)? Do I really need the jabber:iq:auth:0k if I use this approach? Any help would be greatly appreciated. Thanks, Ryan _______________________________________________ jdev mailing list [EMAIL PROTECTED] http://mailman.jabber.org/listinfo/jdev
