我在centOS虚拟机中有一个ejabberd 15.03服务器,我需要使用php针对SQL server实现外部身份验证方法。官方文档显示了php/mysql示例php/mysql外部身份验证
是否有一种方法可以将此示例更改为php/sqlserver和mysql_ping等函数。
下面是我编写的一个示例,并将其放在/opt/auth/下,并将ejabberd.yml配置为执行is作为外部身份验证。
$auth = new JabberAuth();
$auth->dbhost = "hostIP";
$auth->dbuser = "user";
$auth->dbpass = "pass";
$auth->dbbase = "databaseName";
$auth->play(); // We simply start process !
class JabberAuth {
var $dbhost;
var $dbuser;
var $dbpass;
var $dbbase;
var $debug = false; /* Debug mode */
var $debugfile = "/opt/auth/log/pipe-debug.log"; /* Debug output */
var $logging = false; /* Do we log requests ? */
var $logfile = "/opt/auth/log/pipe-log.log" ; /* Log file ... */
/*
* For both debug and logging, ejabberd have to be able to write.
*/
var $jabber_user; /* This is the jabber user passed to the script. filled by $this->command() */
var $jabber_pass; /* This is the jabber user password passed to the script. filled by $this->command() */
var $jabber_server; /* This is the jabber server passed to the script. filled by $this->command(). Useful for VirtualHosts */
var $jid; /* Simply the JID, if you need it, you have to fill. */
var $data; /* This is what SM component send to us. */
var $dateformat = "M d H:i:s"; /* Check date() for string format. */
var $command; /* This is the command sent ... */
var $mysock; /* MySQL connection ressource */
var $stdin; /* stdin file pointer */
var $stdout; /* stdout file pointer */
function JabberAuth()
{
@define_syslog_variables();
@openlog("pipe-auth", LOG_NDELAY, LOG_SYSLOG);
if($this->debug) {
@error_reporting(E_ALL);
@ini_set("log_errors", "1");
@ini_set("error_log", $this->debugfile);
}
$this->logg("Starting pipe-auth ..."); // We notice that it's starting ...
$this->openstd();
}
function stop()
{
$this->logg("Shutting down ..."); // Sorry, have to go ...
closelog();
$this->closestd(); // Simply close files
exit(0); // and exit cleanly
}
function openstd()
{
$this->stdout = @fopen("php://stdout", "w"); // We open STDOUT so we can read
$this->stdin = @fopen("php://stdin", "r"); // and STDIN so we can talk !
}
function readstdin()
{
$l = @fgets($this->stdin, 3); // We take the length of string
$length = @unpack("n", $l); // ejabberd give us something to play with ...
$len = $length["1"]; // and we now know how long to read.
if($len > 0) { // if not, we'll fill logfile ... and disk full is just funny once
$this->logg("Reading $len bytes ... "); // We notice ...
$data = @fgets($this->stdin, $len+1);
// $data = iconv("UTF-8", "ISO-8859-15", $data); // To be tested, not sure if still needed.
$this->data = $data; // We set what we got.
$this->logg("IN: ".$data);
}
}
function closestd()
{
@fclose($this->stdin); // We close everything ...
@fclose($this->stdout);
}
function out($message)
{
@fwrite($this->stdout, $message); // We reply ...
$dump = @unpack("nn", $message);
$dump = $dump["n"];
$this->logg("OUT: ". $dump);
}
function myalive()
{
if(!is_resource($this->mysock) || !@mysql_ping($this->mysock)) { // check if we have a MySQL connection and if it's valid.
$this->mysql(); // We try to reconnect if MySQL gone away ...
return @mysql_ping($this->mysock); // we simply try again, to be sure ...
} else {
return true; // so good !
}
}
function play()
{
do {
$this->readstdin(); // get data
$length = strlen($this->data); // compute data length
if($length > 0 ) { // for debug mainly ...
$this->logg("GO: ".$this->data);
$this->logg("data length is : ".$length);
}
$ret = $this->command(); // play with data !
$this->logg("RE: " . $ret); // this is what WE send.
$this->out($ret); // send what we reply.
$this->data = NULL; // more clean. ...
} while (true);
}
function command()
{
$data = $this->splitcomm(); // This is an array, where each node is part of what SM sent to us :
// 0 => the command,
// and the others are arguments .. e.g. : user, server, password ...
if($this->myalive()) { // Check we can play with MySQL
if(strlen($data[0]) > 0 ) {
$this->logg("Command was : ".$data[0]);
}
switch($data[0]) {
case "isuser": // this is the "isuser" command, used to check for user existance
$this->jabber_user = $data[1];
$parms = $data[1]; // only for logging purpose
$return = $this->checkuser();
break;
case "auth": // check login, password
$this->jabber_user = $data[1];
$this->jabber_pass = $data[3];
$parms = $data[1].":".$data[2].":".md5($data[3]); // only for logging purpose
$return = $this->checkpass();
break;
case "setpass":
$return = false; // We do not want jabber to be able to change password
break;
default:
$this->stop(); // if it's not something known, we have to leave.
// never had a problem with this using ejabberd, but might lead to problem ?
break;
}
$return = ($return) ? 1 : 0;
if(strlen($data[0]) > 0 && strlen($parms) > 0) {
$this->logg("Command : ".$data[0].":".$parms." ==> ".$return." ");
}
return @pack("nn", 2, $return);
} else {
// $this->prevenir(); // Maybe useful to tell somewhere there's a problem ...
return @pack("nn", 2, 0); // it's so bad.
}
}
function checkpass()
{
$hash=sha1($this->jabber_pass);
$query = mssql_query("SELECT [attribute] FROM [DatabaseName].[dbo].[table] where (S_USERNAME='$this->jabber_user') AND (SUBSTRING(S_PASSWORD,1,(LEN(S_PASSWORD)-3)))='$hash'");
// Check if there were any records
if (!mssql_num_rows($query)) {
return false;
} else {
return true;
}
}
function checkuser()
{
$query = mssql_query("SELECT [attribute] FROM [DatabaseName].[dbo].[table] where S_USERNAME='$this->jabber_user'");
// Check if there were any records
if (!mssql_num_rows($query)) {
return false;
} else {
return true;
}
}
function splitcomm() // simply split command and arugments into an array.
{
return explode(":", $this->data);
}
function mysql() // "MySQL abstraction", this opens a permanent MySQL connection, and fill the ressource
{
$this->mysock = @mssql_pconnect($this->dbhost, $this->dbuser, $this->dbpass);
echo '1';
var_dump($this->mysock);
@mssql_select_db($this->dbbase, $this->mysock);
$this->logg("MsSql :: ". (is_resource($this->mysock) ? "Connecté" : "Déconnecté"));
}
function logg($message) // pretty simple, using syslog.
// some says it doesn't work ? perhaps, but AFAIR, it was working.
{
if($this->logging) {
@syslog(LOG_INFO, $message);
}
}
}
这并没有造成任何php错误。但在ejabberd.log中,我总是得到'extauth脚本突然退出,原因为'normal''
这是crash.log 中的崩溃报告
2015-04-01 17:44:12=碰撞报告====不速之客:初始调用:ejabberd_http:init/2pid:<0.8779.0>registered_name:[]异常错误:错误的参数:[{extauth,call_port,2,[{file,"src/extauth.erl"},{line,99}]},{ejabberd_auth_external,check_password_extauth,3,[{s file,"src/ejabberd_auth_exteernal.erl"}、{line、182}]},{ejabberr_auth_externa,check_pass word_external_cache,3,[[file,"src/ejabberrd_auth_external.erl"},bberd_auth,check_password_loop,2,[{file,"src/ejaberd_auth.ell"},{line,158}]},{ejabberd_auth,check_password,3,[{file,"src/ejabberd_auth.ell"},{line,106}]},{ejabord_web_admin,get_auth_account,5,[{}file,"src/ejabord.web_admin.ell"},{line,266}]},_http.ell"},{行,359}]}]祖先:[ejaberd_http_sup,ejaberd_sup,<0.37.0>]消息:[]链接:[lt;0.327.0>,#端口<0.12042>]字典:[{random_seed,{2036672929501}}]trap_exit:false状态:运行堆大小:2586stack_size:27减少:1244邻居:2015-04-01 17:44:12=监督员报告====主管:{local,ejabberd_http_sup}上下文:child_terminated原因:badarg罪犯:{pid,<0.8779.0>},{name,undefined},{mfargs,{ejabberd_http,start_link,undefine}},{restart_type,temporary},{shutdown,1000},{child_type,worker}]
这似乎是一个配置错误。这是我添加到ejabberd.yml 的内容
auth_method: external
extauth_program: "php -f /etc/ejabberd-15.03/auth_script.php"
extauth_cache: 600
extauth_instances: 3
我认为最新版本的ejabberd不支持SQL server。所以我最终转到了支持许多数据库的openfire。