Hybrid auth provider

Description

Create a hybrid AuthProvider that can be used to string multiple other AuthProvider implementations together. It will allow a primary, secondary and tertiary provider to be configured. When authentication needs to be done:

1) Attempt authentication using the primary. If that fails:
2) Attempt authentication using the secondary. If that fails:
3) Attempt authentication using the tertiary.

For each of the providers (primary, secondary, etc.), an override list of users can be specified. If a user is in the override list, authentication will only be attempted with that provider.
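
The fallback order and override lists described above, sketched as an added Java example (it is not Openfire's HybridAuthProvider source). The Provider interface, Slot record and in-memory credential tables are hypothetical stand-ins with constructed data, and the sketch assumes a user on an override list never falls through to another provider.

```java
import java.util.*;
// Added illustration; every name here is hypothetical, not Openfire's API.
public class HybridAuthSketch {
    interface Provider { void authenticate(String user, String password); }
    // One slot in the chain: a provider plus its override list of usernames.
    record Slot(String name, Provider provider, Set<String> overrides) {}

    private final List<Slot> chain; // primary, secondary, tertiary, in order
    HybridAuthSketch(List<Slot> chain) { this.chain = chain; }

    // Returns the name of the slot that accepted the credentials.
    String authenticate(String user, String password) {
        // A user on an override list is tried against that provider only.
        for (Slot s : chain) {
            if (s.overrides().contains(user)) {
                s.provider().authenticate(user, password); // failure propagates
                return s.name();
            }
        }
        for (Slot s : chain) {
            try {
                s.provider().authenticate(user, password);
                return s.name();
            } catch (SecurityException e) {
                // rejected here; try the next provider
            }
        }
        throw new SecurityException("all providers rejected " + user);
    }

    // Constructed in-memory credential table standing in for LDAP or the DB.
    static Provider table(Map<String, String> creds) {
        return (u, p) -> {
            if (!creds.containsKey(u) || !creds.get(u).equals(p))
                throw new SecurityException("bad credentials");
        };
    }

    public static void main(String[] args) {
        Provider ldap = table(Map.of("alice", "ldap-pw", "admin", "ldap-admin-pw"));
        Provider db = table(Map.of("guest", "db-pw", "admin", "db-admin-pw"));
        HybridAuthSketch h = new HybridAuthSketch(List.of(
            new Slot("primary", ldap, Set.of("admin")),
            new Slot("secondary", db, Set.of())));
        System.out.println(h.authenticate("alice", "ldap-pw"));
        System.out.println(h.authenticate("guest", "db-pw"));
        try { h.authenticate("admin", "db-admin-pw"); }
        catch (SecurityException e) { System.out.println("admin: " + e.getMessage()); }
    }
}
```

In this constructed setup the last call is rejected even though the secondary table holds a matching "admin" entry, because the override list stops the fall-through for that user.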

Environment

None

Activity

John 
December 21, 2008 at 5:22 AM

Can anyone help explain how to implement this?

I don't see where to put the HybridUser...java file.

Also, what DB settings do I need?

For instance, I currently use LDAP, which works. When I set the DB settings above, I can no longer log in to the admin console or connect as a client.

What my ultimate goal is, is to read users from LDAP, and then also be able to read users from the Openfire DB so I can add non-LDAP users.

Thanks...

John

Monkey Monster 
September 30, 2008 at 11:36 PM

HOW TO:

In your MySQL database, in the ofproperty table, update the name-value pairs to the following:

provider.user.className = org.jivesoftware.openfire.user.HybridUserProvider
provider.auth.className = org.jivesoftware.openfire.auth.HybridAuthProvider

Add the following name-value pairs in the table:

hybridAuthProvider.primaryProvider.className = org.jivesoftware.openfire.ldap.LdapAuthProvider
hybridAuthProvider.secondaryProvider.className = org.jivesoftware.openfire.auth.DefaultAuthProvider

In the openfire.xml add the following XML snippet:

<hybridUserProvider><primaryProvider><className>org.jivesoftware.openfire.ldap.LdapUserProvider</className></primaryProvider></hybridUserProvider>

<hybridUserProvider><secondaryProvider><className>org.jivesoftware.openfire.user.DefaultUserProvider</className></secondaryProvider></hybridUserProvider>

I am not sure if the HybridUserProvider class was updated in the 3.6.0a version to look for the properties in the database yet. If it has been, then add the following rows in the ofproperty table:

hybridUserProvider.primaryProvider.className = org.jivesoftware.openfire.ldap.LdapUserProvider
hybridUserProvider.secondaryProvider.className = org.jivesoftware.openfire.user.DefaultUserProvider

Hope this helps!

Daryl Herzmann 
September 30, 2008 at 10:55 PM

Hi,

You folks may wish to contact the provider's author for implementation details.

http://www.igniterealtime.org/community/people/rb2k

daryl

Maxime Cheramy 
September 30, 2008 at 5:32 PM

Same question as Sindre. I'd like to use this feature... But I don't know how.

Sindre Schulstad 
September 11, 2008 at 4:27 PM

Could anyone provide a how-to on using this? I am trying to create some local users in addition to the LDAP users... Is that possible by using this feature?

Fixed

Created September 19, 2005 at 3:57 AM
Updated December 21, 2008 at 5:22 AM
Resolved August 22, 2008 at 1:04 AM