ns_sso

Module Author: zabadab
Category: NickServ
Status: Published
User Rating: (0 Comments)

(NO LONGER MAINTAINED)

This module provides the following additions to Anope. It works with PostgreSQL. MySQL is not supported. It provides several settings to control its functionality and has highly detailed documentation that explains how all aspects of the module work.

1) Ticket-Based Authentication for Single Sign-On

Two new commands are added:
/msg NickServ TICKETIDENTIFY [Ticket]
/msg NickServ TICKETGHOST [Nickname] [Ticket]

NickServ checks whether the ticket string represents a valid ticket, the IP address the ticket is for, whether the nickname to identify for or to ghost matches the expected nickname, the time the ticket was created, and whether it has already been used. If all checks pass, NickServ accepts the ticket, identifies or ghosts the nickname, and marks it as used in the database.

The original password was never used during the process, so if Mallory was listening to your network traffic, he would not be able to impersonate you, unless he:

1) Manages to connect using and perform the command before you do
2) Manages to somehow fool Anope into thinking he is using your nick and IP address
3) Manages to perform 1) and 2) in under a short, user-definable interval

A possible usage scenario is a web-based IRC applet, where you want to prevent outputting the user's password in the HTML, since it could be sniffed or extracted by malware.

Tickets are stored in a database table.

2) Comprehensive Task-Based User Management (Optional)

If you have your own account management and don't want people managing their information through NickServ, this is for you. By writing tasks to a database table, you can:

1) Register nicknames
2) Rename nicknames
3) Drop nicknames
4) Change nickname passwords
5) Change the E-Mail address associated with a nickname
6) Add A-Kills and suspend nicknames
7) Remove A-Kills and unsuspend nicknames

This part is optional and can be disabled if you only want ticket-based authentication. It is somewhat intrusive. People will no longer be able to register or drop nicknames, and attempts to change passwords or E-Mail addresses will be rejected with a message telling people to visit a user-defined website where to make these changes.

Latest Module Releases

• v0.4 - Released: 04/01/10 (1 file)

  Release Notes:
  This release adds support for a new command: /MSG NickServ TICKETGHOST [Nickname] [Ticket]. This is useful to work around Web-IRC applets who don't clean up after themselves when the user navigates away from the page. If the user returns, you can use TICKETGHOST to ghost away their nickname if you find that it is still connected. You can use one ticket for both TICKETGHOST and TICKETIDENTIFY as the former command will not mark the ticket as used.
  
  The documentation -- as if it isn't already verbose enough -- has been expanded to describe all commands added/modified by this module.
  

  Files:
  
  - ns_sso.zip For Anope 1.8 (designed for 1.8.2) - (159 Downloads)
  

  
  

• v0.3 - Released: 24/12/09 (1 file)

  Release Notes:
  * Support for Win32. Building on Windows is not that easy. README.win32 will guide you through it though.
  * Fix build errors on Windows because of variables not being declared at top of function (gcc4.3.4 didn't care on Linux, which is worrying).
  * Updated documentation. Among the changes is a failsafe, copy-and-paste-ready version of the settings required for the module.
  

  Files:
  
  - ns_sso-v0_3-24-Dec-09.zip For Anope 1.8 (designed for 1.8.2) - (103 Downloads)
  

  
  

• v0.2 - Released: 23/12/09 (1 file)

  Release Notes:
  First release for the public.
  
  This module still needs a lot of testing. If anyone wants to test and/or review the code, please go for it.
  

  Files:
  
  - ns_sso-v0_2-23-Dec-09.zip For Anope 1.8 (designed for 1.8.2) - (64 Downloads)
  

  
  

Recent User Comments

• No User Comments

Post A Comment

You need to be logged in to post a comment.