view mod_s2s_auth_compat/README.markdown @ 5278:d94dba396f9f

mod_http_oauth2: Declare additional client registration fields as strings Previously any property not listed in the schema was allowed in any form, which is probably a bit too liberal. Instead, limit extra fields to simple strings, which should still allow localized versions of the various URIs and descriptive properties per RFC 7591 ยง2.2
author Kim Alvefur <zash@zash.se>
date Sun, 26 Mar 2023 14:44:30 +0200
parents 4d73a1a6ba68
children
line wrap: on
line source

---
labels:
summary: Workaround for servers doing EXTERNAL without proper stream headers
...

Introduction
============

This module is a workaround for servers that try to do s2s
authentication with certificates and SASL EXTERNAL, but do not send
correct stream headers. Notably Openfire versions since 3.7 or 3.8.