ejabberd_http_auth: cannot use multiple passwords per user if auth cache is enabled
sonnyp opened this issue · comments
We use ejabberd_http_auth and SASL Plain.
We have multiple passwords (which are in fact oauth tokens) per user.
When the auth cache is enabled if a user authenticates with a password then every other connected clients gets disconnected.
auth_use_cache: false
fixes the issue
I can imagine why this happens and I'm not entirely sure if this should be considered a bug. If not, let me know and I can send a PR to the documentation.
I think that, if your custom auth script accepts different passwords for the same username, then you can't use ejabberd's caching. I'm curious to read your changes in the documentation.