prosody-modules: mod_sasl2_fast/README.md annotate

annotate mod_sasl2_fast/README.md @ 5170:4d6af8950016

mod_muc_moderation: Derive role from reserved nickname if occupant When using a different client to moderate than the one used to participate in the chat, e.g. a command line tool like clix, there's no occupant and no role to use in the permission check. Previously the default role based on affiliation was used. Now if you are present in the room using your reserved nick, the role you have there is used in the permission check instead of the default affiliation-derived role.

author	Kim Alvefur <zash@zash.se>
date	Sun, 19 Feb 2023 18:17:37 +0100
parents	745c7f4cca40
children	70fa3f8de249

rev	line source
5092 6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	1 ---
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	2 labels:
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	3 - Stage-Beta
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	4 summary: "Fast Authentication Streamlining Tokens"
5095 745c7f4cca40 mod_sasl2_fast: Add explicit dependency on mod_sasl2 Kim Alvefur <zash@zash.se> parents: 5092 diff changeset	5 rockspec:
745c7f4cca40 mod_sasl2_fast: Add explicit dependency on mod_sasl2 Kim Alvefur <zash@zash.se> parents: 5092 diff changeset	6 dependencies:
745c7f4cca40 mod_sasl2_fast: Add explicit dependency on mod_sasl2 Kim Alvefur <zash@zash.se> parents: 5092 diff changeset	7 - mod_sasl2
5092 6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	8 ---
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	9
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	10 This module implements a mechanism via which clients can exchange a password
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	11 for a secure token, improving security and streamlining future reconnections.
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	12
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	13 At the time of writing, the XEP that describes the FAST protocol is still
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	14 working its way through the XSF standards process. You can [view the FAST XEP
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	15 proposal here](https://xmpp.org/extensions/inbox/xep-fast.html).
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	16
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	17 This module depends on [mod_sasl2].
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	18
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	19 ## Configuration
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	20
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	21 \| Name \| Description \| Default \|
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	22 \|---------------------------\|--------------------------------------------------------\|-----------------------\|
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	23 \| sasl2_fast_token_ttl \| Default token expiry (seconds) \| `86400*21` (21 days) \|
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	24 \| sasl2_fast_token_min_ttl \| Time before tokens are eligible for rotation (seconds) \| `86400` (1 day) \|
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	25
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	26 The `sasl2_fast_token_ttl` option determines the length of time a client can
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	27 remain disconnected before being "logged out" and needing to authenticate with
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	28 a password. Clients must perform at least one FAST authentication within this
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	29 period to remain active.
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	30
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	31 The `sasl2_fast_token_min_ttl` option defines how long before a token will be
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	32 rotated by the server. By default a token is rotated if it is older than 24
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	33 hours. This value should be less than `sasl2_fast_token_ttl` to prevent
6594e7a9a174 mod_sasl2_fast: Add README Matthew Wild <mwild1@gmail.com> parents: diff changeset	34 clients being logged out unexpectedly.

Mercurial > prosody-modules

annotate mod_sasl2_fast/README.md @ 5170:4d6af8950016