Mercurial Mercurial > prosody > prosody-modules / annotate
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_authz_delegate/README.md
author Matthew Wild <mwild1@gmail.com>
Fri, 23 Feb 2024 13:02:33 +0000
changeset 5845 904b226fddf1
parent 5292 f61564b522f7
permissions -rw-r--r--
mod_pubsub_serverinfo: Update README to link to known issues
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
5292
f61564b522f7 mod_authz_delegate: introduce module to "link" authorization of hosts
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset 
     1
 
---
f61564b522f7 mod_authz_delegate: introduce module to "link" authorization of hosts
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset 
     2
 
summary: Authorization delegation
f61564b522f7 mod_authz_delegate: introduce module to "link" authorization of hosts
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset 
     3
 
rockspec: {}
f61564b522f7 mod_authz_delegate: introduce module to "link" authorization of hosts
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset 
     4
 
...
f61564b522f7 mod_authz_delegate: introduce module to "link" authorization of hosts
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset 
     5
 












f61564b522f7
mod_authz_delegate: introduce module to "link" authorization of hosts



Jonas Schäfer <jonas@wielicki.name>


parents: 

diff
changeset




     6


This module allows delegating authorization questions (role assignment and












f61564b522f7
mod_authz_delegate: introduce module to "link" authorization of hosts



Jonas Schäfer <jonas@wielicki.name>


parents: 

diff
changeset




     7


role policies) to another host within prosody.












f61564b522f7
mod_authz_delegate: introduce module to "link" authorization of hosts



Jonas Schäfer <jonas@wielicki.name>


parents: 

diff
changeset




     8














f61564b522f7
mod_authz_delegate: introduce module to "link" authorization of hosts



Jonas Schäfer <jonas@wielicki.name>


parents: 

diff
changeset




     9


The primary use of this is for a group of virtual hosts to use a common












f61564b522f7
mod_authz_delegate: introduce module to "link" authorization of hosts



Jonas Schäfer <jonas@wielicki.name>


parents: 

diff
changeset




    10


authorization database, for example to allow a MUC component to grant












f61564b522f7
mod_authz_delegate: introduce module to "link" authorization of hosts



Jonas Schäfer <jonas@wielicki.name>


parents: 

diff
changeset




    11


administrative access to an admin on a corresponding user virtual host.












f61564b522f7
mod_authz_delegate: introduce module to "link" authorization of hosts



Jonas Schäfer <jonas@wielicki.name>


parents: 

diff
changeset




    12














f61564b522f7
mod_authz_delegate: introduce module to "link" authorization of hosts



Jonas Schäfer <jonas@wielicki.name>


parents: 

diff
changeset




    13


## Configuration












f61564b522f7
mod_authz_delegate: introduce module to "link" authorization of hosts



Jonas Schäfer <jonas@wielicki.name>


parents: 

diff
changeset




    14














f61564b522f7
mod_authz_delegate: introduce module to "link" authorization of hosts



Jonas Schäfer <jonas@wielicki.name>


parents: 

diff
changeset




    15


The following example will make all role assignments for local and remote JIDs












f61564b522f7
mod_authz_delegate: introduce module to "link" authorization of hosts



Jonas Schäfer <jonas@wielicki.name>


parents: 

diff
changeset




    16


from domain.example effective on groups.domain.example:












f61564b522f7
mod_authz_delegate: introduce module to "link" authorization of hosts



Jonas Schäfer <jonas@wielicki.name>


parents: 

diff
changeset




    17














f61564b522f7
mod_authz_delegate: introduce module to "link" authorization of hosts



Jonas Schäfer <jonas@wielicki.name>


parents: 

diff
changeset




    18


```












f61564b522f7
mod_authz_delegate: introduce module to "link" authorization of hosts



Jonas Schäfer <jonas@wielicki.name>


parents: 

diff
changeset




    19


VirtualHost "domain.example"












f61564b522f7
mod_authz_delegate: introduce module to "link" authorization of hosts



Jonas Schäfer <jonas@wielicki.name>


parents: 

diff
changeset




    20














f61564b522f7
mod_authz_delegate: introduce module to "link" authorization of hosts



Jonas Schäfer <jonas@wielicki.name>


parents: 

diff
changeset




    21


Component "groups.domain.example" "muc"












f61564b522f7
mod_authz_delegate: introduce module to "link" authorization of hosts



Jonas Schäfer <jonas@wielicki.name>


parents: 

diff
changeset




    22


    authorization = "delegate"












f61564b522f7
mod_authz_delegate: introduce module to "link" authorization of hosts



Jonas Schäfer <jonas@wielicki.name>


parents: 

diff
changeset




    23


    authz_delegate_to = "domain.example"












f61564b522f7
mod_authz_delegate: introduce module to "link" authorization of hosts



Jonas Schäfer <jonas@wielicki.name>


parents: 

diff
changeset




    24


```














prosody-modules