ejabberd-htpasswd
Yet another ejabberd authentication bridge that uses apache-style .htpasswd files.
Warning
Currently, ONLY bcrypt-type hash passwords are supported in the
htpasswd file, i.e. hashes that start with $2a$ or $2y$.
Project
- Homepage: https://github.com/metagriffin/ejabberd-htpasswd
- Bugs: https://github.com/metagriffin/ejabberd-htpasswd/issues
Installation
$ sudo apt-get install libffi-dev
$ pip install ejabberd-htpasswdConfiguration
Update the authentication configuration in your
/etc/ejabberd/ejabberd.cfg file:
{auth_method, external}.
{extauth_program, "/usr/local/bin/ejabberd-htpasswd /path/to/htpasswd"}.
%% optional -- update as appropriate
%% {extauth_instances, 2}.
%% {extauth_cache, 300}.Options
The ejabberd-htpasswd script takes one optional positional argument, the fully-qualified path to the ".htpasswd" file, and several optional parameters:
-
-d,--debug:Enable debug mode for more stuff in the log files.
-
-l {FILENAME},--log-file {FILENAME}:The log file name, which will be rotated as defined by
-sand-c; default:/var/log/ejabberd/auth-htpasswd.log. -
-s BYTES,--log-size BYTES:specify the maximum size of the log file in bytes before the log file is rotated; default: 1048576 (1 MB).
-
-c NUMBER,--log-count NUMBER:specify the maximum number of log rotation files; default: 10.
-
-t EXPR,--domain-transform EXPR:specify a "sed"-style substitution expression for domain name transformation; example:
/.*\.example\.com$/example\.com/. Note that when placed in the ejabberd config file, several layers of escaping must be done, so you'll need something like this to accomplish the above:{extauth_program, "/usr/local/bin/ejabberd-htpasswd \\ -t /.*\\\\.example\\\\.com$/example.com/ \\ /path/to/htpasswd"}.
