Mercurial > prosody-modules
annotate mod_block_registrations/README.markdown @ 5549:01a0b67a9afd
mod_http_oauth2: Add TODO about disabling password grant
Per recommendation in draft-ietf-oauth-security-topics-23 it should at
the very least be disabled by default.
However since this is used by the Snikket web portal some care needs to
be taken not to break this, unless it's already broken by other changes
to this module.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Fri, 16 Jun 2023 00:06:53 +0200 |
parents | 72f23107beb4 |
children |
rev | line source |
---|---|
1803
4d73a1a6ba68
Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents:
1782
diff
changeset
|
1 Introduction |
4d73a1a6ba68
Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents:
1782
diff
changeset
|
2 ============ |
1782 | 3 |
1803
4d73a1a6ba68
Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents:
1782
diff
changeset
|
4 On a server with public registration it is usually desirable to prevent |
4d73a1a6ba68
Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents:
1782
diff
changeset
|
5 registration of certain "reserved" accounts, such as "admin". |
1782 | 6 |
1803
4d73a1a6ba68
Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents:
1782
diff
changeset
|
7 This plugin allows you to reserve individual usernames, or those |
4d73a1a6ba68
Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents:
1782
diff
changeset
|
8 matching certain patterns. It also allows you to ensure that usernames |
4d73a1a6ba68
Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents:
1782
diff
changeset
|
9 conform to a certain pattern. |
1782 | 10 |
1803
4d73a1a6ba68
Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents:
1782
diff
changeset
|
11 Configuration |
4d73a1a6ba68
Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents:
1782
diff
changeset
|
12 ============= |
1782 | 13 |
14 Enable the module as any other: | |
15 | |
16 modules_enabled = { | |
1803
4d73a1a6ba68
Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents:
1782
diff
changeset
|
17 "block_registrations"; |
1782 | 18 } |
19 | |
20 You can then set some options to configure your desired policy: | |
21 | |
5421
a58ba20b3a71
mod_block_registrations: Update description expansion of default list
Kim Alvefur <zash@zash.se>
parents:
2715
diff
changeset
|
22 Option Default Description |
a58ba20b3a71
mod_block_registrations: Update description expansion of default list
Kim Alvefur <zash@zash.se>
parents:
2715
diff
changeset
|
23 ------------------------------ ------------------- ----------------------------------------------------------------------------------------------------------------------------------------------- |
a58ba20b3a71
mod_block_registrations: Update description expansion of default list
Kim Alvefur <zash@zash.se>
parents:
2715
diff
changeset
|
24 block_registrations_users *See source code* A list of reserved usernames |
a58ba20b3a71
mod_block_registrations: Update description expansion of default list
Kim Alvefur <zash@zash.se>
parents:
2715
diff
changeset
|
25 block_registrations_matching `{ }` A list of [Lua patterns](http://www.lua.org/manual/5.1/manual.html#5.4.1) matching reserved usernames (slower than block_registrations_users) |
a58ba20b3a71
mod_block_registrations: Update description expansion of default list
Kim Alvefur <zash@zash.se>
parents:
2715
diff
changeset
|
26 block_registrations_require `nil` A pattern that registered user accounts MUST match to be allowed |
1782 | 27 |
28 Some examples: | |
29 | |
30 block_registrations_users = { "admin", "root", "xmpp" } | |
31 block_registrations_matching = { | |
1803
4d73a1a6ba68
Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents:
1782
diff
changeset
|
32 "master$" -- matches anything ending with master: postmaster, hostmaster, webmaster, etc. |
1782 | 33 } |
2715
9b43b7fc3558
mod_block_registrations: fix example regex
tmolitor <thilo@eightysoft.de>
parents:
2272
diff
changeset
|
34 block_registrations_require = "^[a-zA-Z0-9_.-]+$" -- Allow only simple ASCII characters in usernames |
1803
4d73a1a6ba68
Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents:
1782
diff
changeset
|
35 |
4d73a1a6ba68
Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents:
1782
diff
changeset
|
36 Compatibility |
4d73a1a6ba68
Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents:
1782
diff
changeset
|
37 ============= |
1782 | 38 |
5422
72f23107beb4
mod_block_registrations: Refresh Compatibility section
Kim Alvefur <zash@zash.se>
parents:
5421
diff
changeset
|
39 ------ ------- |
72f23107beb4
mod_block_registrations: Refresh Compatibility section
Kim Alvefur <zash@zash.se>
parents:
5421
diff
changeset
|
40 0.12 Works |
72f23107beb4
mod_block_registrations: Refresh Compatibility section
Kim Alvefur <zash@zash.se>
parents:
5421
diff
changeset
|
41 0.11 Work |
72f23107beb4
mod_block_registrations: Refresh Compatibility section
Kim Alvefur <zash@zash.se>
parents:
5421
diff
changeset
|
42 ------ ------- |