sorry for my long question. Just to figure out the scenario. I have an Ubuntu host machine where I installed VirtualBox and an Ubuntu guest VM box. The guest has IP address 192.168.56.101. Here I installed a LAMP server with a Web platform written in PHP, and Ejabberd 16.01
Here it is my /etc/hosts on the host machine:
192.168.56.101 localmessage.my.website
When Ejabberd uses internal authorization, I have no problems. The Ejabberd Web administration panel is reachable by host machine like a charm (through URL https://localmessage.my.website:5280/admin).
After that, I tried to exploit the mySQL database of Web platform for Ejabberd's external authentication. I implemented a PHP file (check_mysql.php) starting from https://github.com/leesherwood/ejabberd-php-auth. I saved it into /var/www directory of guest machine, I set its owner to ejabberd:ejabberd and enabled execute permissions. When I tested the solution by command line (by running php /var/www/check_mysql.php and then writing to the prompt 00auth:username:servername:password, by getting inspirations from https://github.com/leesherwood/ejabberd-php-auth/tree/master/examples/Collection), it works. But, when I try to reach the Ejabberd's Web admin panel from host machine, I receive authorization error and a loop of requesting admin credentials. Here is the /etc/ejabberd/ejabberd.yml configuration file on guest machine:
loglevel: 4
log_rotate_size: 0
log_rotate_date: ""
log_rate_limit: 100
hosts:
- "localhost"
- "localmessage.my.website"
listen:
-
port: 5222
ip: "::"
module: ejabberd_c2s
certfile: "/etc/ejabberd/ejabberd.pem"
starttls: true
protocol_options:
- "no_sslv3"
## - "no_tlsv1"
max_stanza_size: 65536
shaper: c2s_shaper
access: c2s
zlib: true
resend_on_timeout: if_offline
-
port: 5269
ip: "::"
module: ejabberd_s2s_in
-
port: 5280
ip: "::"
module: ejabberd_http
request_handlers:
"/websocket": ejabberd_http_ws
## "/pub/archive": mod_http_fileserver
web_admin: true
http_bind: true
## register: true
captcha: true
tls: true
certfile: "/etc/ejabberd/ejabberd.pem"
disable_sasl_mechanisms: "digest-md5"
s2s_use_starttls: optional
s2s_certfile: "/etc/ejabberd/ejabberd.pem"
s2s_protocol_options:
- "no_sslv3"
auth_password_format: plain
auth_method: external
extauth_program: "/var/www/check_mysql.php"
shaper:
normal: 1000
fast: 50000
max_fsm_queue: 1000
acl:
admin:
user:
- "admin": "localhost"
local:
user_regexp: ""
loopback:
ip:
- "127.0.0.0/8"
access:
max_user_sessions:
all: 10
max_user_offline_messages:
admin: 5000
all: 100
local:
local: allow
c2s:
blocked: deny
all: allow
c2s_shaper:
admin: none
all: normal
s2s_shaper:
all: fast
announce:
admin: allow
configure:
admin: allow
muc_admin:
admin: allow
muc_create:
local: allow
muc:
all: allow
pubsub_createnode:
local: allow
register:
all: allow
trusted_network:
loopback: allow
language: "en"
modules:
mod_adhoc: {}
mod_admin_extra: {}
mod_announce: # recommends mod_adhoc
access: announce
mod_blocking: {} # requires mod_privacy
mod_caps: {}
mod_carboncopy: {}
mod_client_state: {}
mod_configure: {} # requires mod_adhoc
mod_disco: {}
mod_echo: {}
mod_irc: {}
mod_http_bind: {}
## mod_http_fileserver:
## docroot: "/var/www"
## accesslog: "/var/log/ejabberd/access.log"
mod_last: {}
mod_muc:
## host: "conference.@HOST@"
access: muc
access_create: muc_create
access_persistent: muc_create
access_admin: muc_admin
## mod_muc_log: {}
mod_muc_admin: {}
## mod_multicast: {}
mod_offline:
access_max_user_messages: max_user_offline_messages
mod_ping: {}
## mod_pres_counter:
## count: 5
## interval: 60
mod_privacy: {}
mod_private: {}
## mod_proxy65: {}
mod_pubsub:
access_createnode: pubsub_createnode
ignore_pep_from_offline: true
last_item_cache: false
plugins:
- "flat"
- "hometree"
- "pep" # pep requires mod_caps
mod_register:
welcome_message:
subject: "Welcome!"
body: |-
Hi.
Welcome to this XMPP server.
ip_access: trusted_network
access: register
mod_roster: {}
mod_shared_roster: {}
mod_stats: {}
mod_time: {}
mod_vcard:
search: false
mod_version: {}
allow_contrib_modules: true
Could you figure out the reason of this error, please?
EDIT 1
I checked comments of @Badlop. I had already set +x
for owner, group and other users. After @Badlop suggestions, I have set loglevel to 5, and tried the ejabberdctl command. Here is the result (unfortunately I have to link a screenshot on my GoogleDrive): https://drive.google.com/open?id=1_jWJeulge_q6XYeM3hTGzbavRjjWp19s
Could someone figure out the reason, please?
EDIT 2 With the Perl script provided by Ejabberd, as well as with my script, I run the command
ejabberdctl check_password user1 localhost mypass11
I obtain the same error as previously depicted in Edit 1. Obviously, I assigned the ejabberd:ejabberd owning, and enabled +x for user, group and others, to each one of the scripts. I inspected the /var/log/ejabberd/error.log and /var/log/ejabberd.log. Both reports the same error:
@extauth:loop:142 extauth script has exitted abruptly with reason 'normal'
I moved the Perl as well as my PHP script within the folder /etc/ejabberd. Same error.
Please, help. Thanks