Drupal Authentication Added

Artur Hefczyc <artur.hefczyc@tigase.net> v2.0, June 2014: Reformatted for AsciiDoc. :toc: :numbered: :website: http://tigase.net :Date: 2010-04-06 21:18

Well it is authentication against Drupal database at the moment. So it is not full integration with Drupal yet.

As Drupal keeps encrypted passwords in database the only possible authorization protocols are those based on PLAIN passwords.

To protect your passwords Tigase server must be used with SSL or TLS encryption.

Implementation of Drupal database based authorization is located in tigase.db.jdbc.DrupalAuth class. Although this class is capable of adding new user to the repository I recommend to switch in-band registration off due to the caching problems in Drupal. Changes in database are not synchronized with Drupal yet. Function for adding new users is implemented only to ease user accounts migration from different repository type from earlier Tigase server installation.

The idea of that implementation was to allow all accounts administration tasks from Drupal like: account creation, all accounts settings, like e-mail, full name, password changes and so on.

Tigase server uses following fields from Drupal database: name (user account name), pass (user account password), status (status of the account). Server picks up all changes instantly. If user status is not 1 then server won’t allow user to login trough Jabber/XMPP even if user provides valid password.

There is no Roster management in Drupal yet. So Roster management have to be done from Jabber/XMPP client.