search

tigase / tigase-server

(M) Highly optimized, extremely modular and very flexible XMPP/Jabber server
https://tigase.net
GNU Affero General Public License v3.0
322 stars 107 forks source link

Can I develop a plugin replacement tigase built in user management or authentication system #166

Open robertbob987 opened 1 year ago

robertbob987 commented 1 year ago

Can I develop a plugin replacement tigase built in user management or authentication system

I expect to develop a plugin replacement tigase built-in user management and authentication system; the plugin will be connected to an external database. When an administrator adds a user to the APP or management page, the user's information is added to this external database

arthef commented 1 year ago

Yes, there is an API in Tigase server specifically for this use-case. More over, in most cases, you do not even need to add a new plugin. There is a way to configure Tigase to use a different database just for user authentication and you can even provide Tigase with SQL queries or stored procedures which it should use for authentication.

This way you can have a completely custom database for user authentication data.

arthef commented 1 year ago

If you are interested in this approach, I suggest you look at the documentation for more details: https://docs.tigase.net/en/latest/Tigase_Administration/Security/_Security.html?highlight=custom#custom-authentication-connectors

robertbob987 commented 1 year ago

thank

robertbob987 commented 1 year ago

But what if my external authentication system is not database-based

hantu85 commented 1 year ago

You can implement new custom authentication repository and replace it instead of using TigaseCustomAuth. See LDAP Authentication Connector for details on how to use a custom class authentication repository.

robertbob987 commented 1 year ago

thanks

wailwinphyo2020 commented 1 year ago

Hi @hantu85, I would like to ask something about custom authentication. Currently, I am integration xmpp server along side with external API existing system. Mobile get token from API server and token is stored in redis cache.

I followed your instruction to make custom authentication with redis. Here is my custom authentication file and config.tdsl file. I have recompile tigase-server.jar file and rebuild docker for xmpp server but no using the custom one.

https://gist.github.com/wailwinphyo2020/e34ed2aec6ef524161a247275235966e

Can you suggest me the best way to do it?

woj-tek commented 1 year ago

In your code you have: @Repository.Meta(isDefault = true, supportedUris = {"jdbc:[^:]+:.*"}) (note supportedUris!) while your datasource is mongodb: ( uri = 'mongodb://tigase:…).

wailwinphyo2020 commented 1 year ago

@woj-tek Thanks for advice! I have updated like this - @Repository.Meta(isDefault = true, supportedUris = {"mongodb:.*"}). But no luck and it is not using my custom auth implementation.

wailwinphyo2020 commented 1 year ago

After project clean up and updating that header help! Thanks @woj-tek for your advice!

woj-tek commented 1 year ago

Great it worked.

One thing I would recommend to ease with development and maintenance would be creating dedicated maven project with your code, build it (create jar file) and then, instead of rebulding tigase-server docker image, create one based on tigase-server