I'm stumped at the moment. I'm trying to get ejabberd to authenticate users based on my web application's already-existing MySQL user table.
Environment info
- Ubuntu 8.04 server
- Ejabberd 2.0.1-2 (using hardy-backports)
- PHP 5.2.4
- MySQL 5.0.51a-3
In ejabberd.cfg:
I've commented out the following default auth_method line:
%%{auth_method, internal}.
And uncommented and edited the following lines:
{auth_method, external}.
{extauth_program, "/var/myapplication/xmpp_auth.php"}.
The PHP script
The PHP script is based off of this example script from ejabberd's doc pages.
My checkuser() and checkpass() functions work flawlessly on their own. I've tested them separately. php -l shows no syntax errors in xmpp_auth.php.
However, when auth_method is set to internal, I am able to login as a user I've created with ejabberdctl, but when I switch to the external method, nothing works.
Logs
Here are the corresponding log entries when I try to log in with identifying information removed. CLIENT_IP_REMOVED is my client IP, SERVER_IP_REMOVED is my server's IP, and myapplication.com is my server's domain name.
/var/ejabberd/ejabberd.log:
=INFO REPORT==== 2009-10-28 16:01:46 ===
I(<0.244.0>:ejabberd_listener:112) : (#Port<0.446>) Accepted connection {{CLIENT_IP_REMOVED},65263} -> {{SERVER_IP_REMOVED},5222}
=ERROR REPORT==== 2009-10-28 16:01:48 ===
** State machine <0.447.0> terminating
** Last event in was {xmlstreamelement,
{xmlelement,
"auth",
[{"xmlns","urn:ietf:params:xml:ns:xmpp-sasl"},
{"mechanism","PLAIN"},
{"xmlns:ga",
"http://www.google.com/talk/protocol/auth"},
{"ga:client-uses-full-bind-result","true"}],
[{xmlcdata,<<"AHNlbnNsZXkAam9iNDI0">>}]}}
** When State == wait_for_feature_request
** Data == {state,{socket_state,tls,
{tlssock,#Port<0.446>,#Port<0.448>},
<0.446.0>},
ejabberd_socket,
#Ref<0.0.0.9159>,
"53195611",
{sasl_state,"jabber",
"myapplication.com",
[],
#Fun<ejabberd_c2s.1.74696376>,
#Fun<ejabberd_c2s.2.131707924>,
undefined,
undefined},
c2s,
c2s_shaper,
false,
true,
false,
true,
[{certfile,"/etc/ejabberd/ejabberd.pem"}],
false,
undefined,
[],
"myapplication.com",
[],
undefined,
{0,nil},
{0,nil},
{0,nil},
{0,nil},
{dict,0,
16,
16,
8,
80,
48,
{[],
[],
[],
[],
[],
[],
[],
[],
[],
[],
[],
[],
[],
[],
[],
[]},
{{[],
[],
[],
[],
[],
[],
[],
[],
[],
[],
[],
[],
[],
[],
[],
[]}}},
undefined,
undefined,
undefined,
false,
{userlist,none,[]},
unknown,
unknown,
{{CLIENT_IP_REMOVED},65263},
[]}
** Reason for termination =
** {badarg,[{extauth,call_port,2},
{ejabberd_auth,'-check_password_with_authmodule/3-fun-0-',4},
{lists,dropwhile,2},
{ejabberd_auth,check_password_with_authmodule,3},
{cyrsasl_plain,mech_step,2},
{cyrsasl,server_step,2},
{ejabberd_c2s,wait_for_feature_request,2},
{gen_fsm,handle_msg,7}]}
/var/log/ejabberd/sasl.log:
=CRASH REPORT==== 28-Oct-2009::16:14:50 ===
crasher:
pid: <0.457.0>
registered_name: []
error_info: {badarg,
[{extauth,call_port,2},
{ejabberd_auth,
'-check_password_with_authmodule/3-fun-0-',
4},
{lists,dropwhile,2},
{ejabberd_auth,check_password_with_authmodule,3},
{cyrsasl_plain,mech_step,2},
{cyrsasl,server_step,2},
{ejabberd_c2s,wait_for_feature_request,2},
{gen_fsm,handle_msg,7}]}
initial_call: {gen,
init_it,
[gen_fsm,
<0.235.0>,
<0.235.0>,
ejabberd_c2s,
[{ejabberd_socket,
{socket_state,gen_tcp,#Port<0.458>,<0.456.0>}},
[{access,c2s},
{shaper,c2s_shaper},
{max_stanza_size,65536},
starttls,
{certfile,"/etc/ejabberd/ejabberd.pem"}]],
[]]}
ancestors: [ejabberd_c2s_sup,ejabberd_sup,<0.36.0>]
messages: []
links: [<0.235.0>,#Port<0.460>]
dictionary: []
trap_exit: false
status: running
heap_size: 2584
stack_size: 21
reductions: 3425
neighbours:
=SUPERVISOR REPORT==== 28-Oct-2009::16:14:50 ===
Supervisor: {local,ejabberd_c2s_sup}
Context: child_terminated
Reason: {badarg,
[{extauth,call_port,2},
{ejabberd_auth,
'-check_password_with_authmodule/3-fun-0-',
4},
{lists,dropwhile,2},
{ejabberd_auth,check_password_with_authmodule,3},
{cyrsasl_plain,mech_step,2},
{cyrsasl,server_step,2},
{ejabberd_c2s,wait_for_feature_request,2},
{gen_fsm,handle_msg,7}]}
Offender: [{pid,<0.457.0>},
{name,undefined},
{mfa,
{ejabberd_c2s,
start_link,
[{ejabberd_socket,
{socket_state,gen_tcp,#Port<0.458>,<0.456.0>}},
[{access,c2s},
{shaper,c2s_shaper},
{max_stanza_size,65536},
starttls,
{certfile,"/etc/ejabberd/ejabberd.pem"}]]}},
{restart_type,temporary},
{shutdown,brutal_kill},
{child_type,worker}]
I don't know what's going on. Please help. =)
Something is wrong with the script, if your using Ubuntu i'd suggest su'ing to the ejabberd account and attempt to run the script. I had a similar issue where it was refusing to authenticate due to permission issues when the script tried to open a log file.