ejabberd instant messaging server [PSARC/2008/340 FastTrack timeout 05/29/2008]
Darren J Moffat
Darren.Moffat at sun.com
Mon Jun 2 03:12:32 PDT 2008
Raymond Xiong wrote:
> Two more notes on user authentication:
>
> 1) ejabberd also supports PAM authentication. So it is possible to
> use UNIX accounts for ejabberd user authentication(though I don't think
> this was recommended in its manual). For various reason, this feature
> won't be supported in my package.
Actually that might be a much better idea because it opens up a lot of
scope for better authentication.
Given that Solaris invented PAM I find it very strange to integrate
something that has PAM support available but to disable it.
Running with PAM will, unfortunately, require that the daemon run with
all privileges during authentication.
I think unfortunately this case is getting to the point that it should
come for full review (sadly it looked like it was converging). I'm not
derailing yet but I might.
--
Darren J Moffat
More information about the opensolaris-arc
mailing list