prosody-modules
93d445b26063
mod_authz_delegate/README.md
Software / code / prosody-modules
File
mod_authz_delegate/README.md @ 5367:93d445b26063
mod_http_oauth2: Validate redirect URI depending on application type
Per https://openid.net/specs/openid-connect-registration-1_0.html
require that web applications use https:// and native applications must
use either http://localhost or a custom (non-https) URI.
Previous requirement that hostname matches that of client_uri is kept
for web applications.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Tue, 25 Apr 2023 19:49:41 +0200 |
| parent | 5288:f61564b522f7 |
line wrap: on
line source
--- summary: Authorization delegation rockspec: {} ... This module allows delegating authorization questions (role assignment and role policies) to another host within prosody. The primary use of this is for a group of virtual hosts to use a common authorization database, for example to allow a MUC component to grant administrative access to an admin on a corresponding user virtual host. ## Configuration The following example will make all role assignments for local and remote JIDs from domain.example effective on groups.domain.example: ``` VirtualHost "domain.example" Component "groups.domain.example" "muc" authorization = "delegate" authz_delegate_to = "domain.example" ```
