prosody-modules
23c4c61a1068
mod_sasl2_fast/README.md

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

Annotate

mod_sasl2_fast/README.md @ 6055:23c4c61a1068

mod_muc_gateway_optimize: New module to optimize muc presence to remote gateways Some gateways are happy to receive presence for each participant in MUCs that they are in only once, to any one of their joined JIDs.
author Stephen Paul Weber <singpolyma@singpolyma.net>
date Sun, 17 Nov 2024 22:32:52 -0500
parent 5901:70fa3f8de249
child 6107:bc7acb8e627e
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
5092
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1 ---
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2 labels:
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
3 - Stage-Beta
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
4 summary: "Fast Authentication Streamlining Tokens"
5095
745c7f4cca40 mod_sasl2_fast: Add explicit dependency on mod_sasl2
Kim Alvefur <zash@zash.se>
parents: 5092
diff changeset
5 rockspec:
745c7f4cca40 mod_sasl2_fast: Add explicit dependency on mod_sasl2
Kim Alvefur <zash@zash.se>
parents: 5092
diff changeset
6 dependencies:
745c7f4cca40 mod_sasl2_fast: Add explicit dependency on mod_sasl2
Kim Alvefur <zash@zash.se>
parents: 5092
diff changeset
7 - mod_sasl2
5092
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
8 ---
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
9
5901
70fa3f8de249 mod_sasl2_fast: Update reference to now published XEP-0484 (thanks gooya)
Kim Alvefur <zash@zash.se>
parents: 5095
diff changeset
10 This module implements a mechanism described in [XEP-0484: Fast Authentication Streamlining Tokens] via which clients can exchange a
70fa3f8de249 mod_sasl2_fast: Update reference to now published XEP-0484 (thanks gooya)
Kim Alvefur <zash@zash.se>
parents: 5095
diff changeset
11 password for a secure token, improving security and streamlining future reconnections.
5092
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
12
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
13 This module depends on [mod_sasl2].
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
14
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
15 ## Configuration
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
16
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
17 | Name | Description | Default |
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
18 |---------------------------|--------------------------------------------------------|-----------------------|
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
19 | sasl2_fast_token_ttl | Default token expiry (seconds) | `86400*21` (21 days) |
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
20 | sasl2_fast_token_min_ttl | Time before tokens are eligible for rotation (seconds) | `86400` (1 day) |
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
21
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
22 The `sasl2_fast_token_ttl` option determines the length of time a client can
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
23 remain disconnected before being "logged out" and needing to authenticate with
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
24 a password. Clients must perform at least one FAST authentication within this
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
25 period to remain active.
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
26
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
27 The `sasl2_fast_token_min_ttl` option defines how long before a token will be
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
28 rotated by the server. By default a token is rotated if it is older than 24
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
29 hours. This value should be less than `sasl2_fast_token_ttl` to prevent
6594e7a9a174 mod_sasl2_fast: Add README
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
30 clients being logged out unexpectedly.