From fca640f50f84c887175a6163065663dcb3eacada Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Tue, 20 May 2014 23:00:28 +0200 Subject: [PATCH] Don't use cached passwords if "extauth_cache: 0" Regarding "extauth_cache", the guide says: "The integer 0 (zero) enables caching for statistics, but doesn't use that cached information to authenticate users." Make sure the cached password isn't used even if the user is currently logged in with another resource. --- src/ejabberd_auth_external.erl | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/ejabberd_auth_external.erl b/src/ejabberd_auth_external.erl index 51c1c620a..74263f748 100644 --- a/src/ejabberd_auth_external.erl +++ b/src/ejabberd_auth_external.erl @@ -186,6 +186,8 @@ check_password_extauth(User, Server, Password) -> try_register_extauth(User, Server, Password) -> extauth:try_register(User, Server, Password). +check_password_cache(User, Server, Password, 0) -> + check_password_external_cache(User, Server, Password); check_password_cache(User, Server, Password, CacheTime) -> case get_last_access(User, Server) of