NAME

DJabberd::SASL - Base plugin for SASL Negotiation

DESCRIPTION

This base plugin just provides the skeleton necessary for building SASL layers within DJabberd. It provides one hook (GetSASLManager) to initiate the SASL negotiation and return a SASL Manager object; and it hooks the SASL stanzas to the default DJabberd::Stanza::SASL class.

See DJabberd::SASL::AuthenSASL for a concrete plugin based on DJabberd::SASL.

HOW DOES THE DEFAULT SASL INFRASTRUCTURE WORK

When a DJabberd::SASL subclass is declared inside of a VHost, it enables SASL negotiation for the connection.

What does that mean is that SASL will be advertised in the stream features. Then, when the client sends a SASL stanza (see RFC 3920), they are handled using DJabberd::Stanza::SASL class, which makes a few assumption:

The plugin supports the GetSASLManager hook that returns a DJabberd::SASL::ManagerBase subclass.
The interface to this manager and to the sasl connection object (see later) is a superset of Authen::SASL interface.

From there, the SASL negotiation is in the hands of the configured SASL Manager.

One configuration option is common to all plugins: This is "Optional" which advertises to the client if SASL is optional or not. By default SASL is (and should be) required.

SYNOPSIS

    <VHost yann.cyberion.net>
        <Plugin DJabberd::SASL::%Subclass%>
            Optional   yes
            %Config%
        </Plugin>
    </VHost>

EXTENDING SASL IN DJABBERD

See examples.

It's fairly easy to extend the SASL phase with anything you like provided the simple DJabberd::SASL::ManagerBase and DJabberd::SASL::Connection which are based on Authen::SASL are repected.

Alternatively since this is just a plugin, you can also throw it away altogether and write something from scratch. You'll have to provide a new set of handlers for the SASL stanzas though (in replacement of DJabberd::Stanzas::SASL.

COPYRIGHT

This module is part of the DJabberd distribution and is covered by the distribution's overall licence.