Software / code / prosody-modules
Annotate
mod_sasl2_fast/README.md @ 6132:ffec70ddbffc
mod_flags: trunk version backported to 0.12
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Sat, 04 Jan 2025 17:50:35 +0000 |
| parent | 6107:bc7acb8e627e |
| rev | line source |
|---|---|
| 5092 | 1 --- |
| 2 labels: | |
| 3 - Stage-Beta | |
| 4 summary: "Fast Authentication Streamlining Tokens" | |
|
5095
745c7f4cca40
mod_sasl2_fast: Add explicit dependency on mod_sasl2
Kim Alvefur <zash@zash.se>
parents:
5092
diff
changeset
|
5 rockspec: |
|
745c7f4cca40
mod_sasl2_fast: Add explicit dependency on mod_sasl2
Kim Alvefur <zash@zash.se>
parents:
5092
diff
changeset
|
6 dependencies: |
|
745c7f4cca40
mod_sasl2_fast: Add explicit dependency on mod_sasl2
Kim Alvefur <zash@zash.se>
parents:
5092
diff
changeset
|
7 - mod_sasl2 |
| 5092 | 8 --- |
| 9 | |
|
5901
70fa3f8de249
mod_sasl2_fast: Update reference to now published XEP-0484 (thanks gooya)
Kim Alvefur <zash@zash.se>
parents:
5095
diff
changeset
|
10 This module implements a mechanism described in [XEP-0484: Fast Authentication Streamlining Tokens] via which clients can exchange a |
|
70fa3f8de249
mod_sasl2_fast: Update reference to now published XEP-0484 (thanks gooya)
Kim Alvefur <zash@zash.se>
parents:
5095
diff
changeset
|
11 password for a secure token, improving security and streamlining future reconnections. |
| 5092 | 12 |
| 13 This module depends on [mod_sasl2]. | |
| 14 | |
| 15 ## Configuration | |
| 16 | |
| 17 | Name | Description | Default | | |
| 18 |---------------------------|--------------------------------------------------------|-----------------------| | |
|
6107
bc7acb8e627e
mod_sasl2_fast: Update Compatibility
Menel <menel@snikket.de>
parents:
5901
diff
changeset
|
19 | sasl2_fast_token_ttl | Default token expiry (seconds) | 86400*21 (21 days) | |
|
bc7acb8e627e
mod_sasl2_fast: Update Compatibility
Menel <menel@snikket.de>
parents:
5901
diff
changeset
|
20 | sasl2_fast_token_min_ttl | Time before tokens are eligible for rotation (seconds) | 86400 (1 day) | |
| 5092 | 21 |
| 22 The `sasl2_fast_token_ttl` option determines the length of time a client can | |
| 23 remain disconnected before being "logged out" and needing to authenticate with | |
| 24 a password. Clients must perform at least one FAST authentication within this | |
| 25 period to remain active. | |
| 26 | |
| 27 The `sasl2_fast_token_min_ttl` option defines how long before a token will be | |
| 28 rotated by the server. By default a token is rotated if it is older than 24 | |
| 29 hours. This value should be less than `sasl2_fast_token_ttl` to prevent | |
| 30 clients being logged out unexpectedly. | |
|
6107
bc7acb8e627e
mod_sasl2_fast: Update Compatibility
Menel <menel@snikket.de>
parents:
5901
diff
changeset
|
31 |
|
bc7acb8e627e
mod_sasl2_fast: Update Compatibility
Menel <menel@snikket.de>
parents:
5901
diff
changeset
|
32 # Compatibility |
|
bc7acb8e627e
mod_sasl2_fast: Update Compatibility
Menel <menel@snikket.de>
parents:
5901
diff
changeset
|
33 |
|
bc7acb8e627e
mod_sasl2_fast: Update Compatibility
Menel <menel@snikket.de>
parents:
5901
diff
changeset
|
34 Prosody-Version Status |
|
bc7acb8e627e
mod_sasl2_fast: Update Compatibility
Menel <menel@snikket.de>
parents:
5901
diff
changeset
|
35 --------------- ---------------------- |
|
bc7acb8e627e
mod_sasl2_fast: Update Compatibility
Menel <menel@snikket.de>
parents:
5901
diff
changeset
|
36 trunk Works as of 2024-12-21 |
|
bc7acb8e627e
mod_sasl2_fast: Update Compatibility
Menel <menel@snikket.de>
parents:
5901
diff
changeset
|
37 0.12 Does not work |
